After years in the industry, inventing and exploring emerging technologies, Gideon Hazam, Co-Founder, COO and CSM at Memcyco, https://www.memcyco.com/home found a way to solve a problem outside the normal cybersecurity approaches. He joins us behind the scenes to discuss innovative ways to reduce website spoofing.
Key Topics:
Chapters
Try KiteWorks today at www.KiteWorks.com
Don't Miss our Video on this Exciting KiteWorks Offer!
Try KiteWorks today at www.KiteWorks.com
Don't miss this Video on it!
The Most Secure Managed File Transfer System.
After years in the industry, inventing and exploring emerging technologies, Gideon Hazam, Co-Founder, COO and CSM at Memcyco, https://www.memcyco.com/home found a way to solve a problem outside the normal cybersecurity approaches. He joins us behind the scenes to discuss innovative ways to reduce website spoofing.
Key Topics:
Chapters
Try KiteWorks today at www.KiteWorks.com
Don't Miss our Video on this Exciting KiteWorks Offer!
Try KiteWorks today at www.KiteWorks.com
Don't miss this Video on it!
The Most Secure Managed File Transfer System.
Innovative Ways to Reduce Website Spoofing
After years in the industry, inventing and exploring emerging technologies, Gideon Hazam, Co-Founder, COO and CSM at Memcyco, https://www.memcyco.com/home found a way to solve a problem outside the normal cybersecurity approaches. He joins us behind the scenes to discuss innovative ways to reduce website spoofing.
Key Topics:
new ways to reduce cyber risks in financial institutions, ways to prevent account take overs, innovative ways to reduce website spoofing, new methods to reduce website spoofing, how to reduce cyber risk from website spoofing, latest approaches to reduce cyber risks in financial industry, new ways to reduce cyber risks in financial industry, latest types of phishing, dangers of website spoofing, social engineering attacks against financial institutions, understanding website spoofing
Chapters
01:09 The Importance of Brand Protection
04:01 The Impact of COVID-19 on Cybercrime
06:28 Methods of Website Spoofing
08:37 Account Takeover and Phishing
09:30 Current Solutions and Challenges
15:31 Memsico's Solution: Real-Time Detection and Protection
20:13 Expanding to Other Industries
26:19 Real-Time Detection of Spoofed Sites
27:46 Customer Alerts and Integration with Security Operations Centers
30:51 Introduction to Memsico and its Integration with Risk and Fraud
32:20 Previous Startup Experience and Success
33:25 Challenges Faced by Organizations in Impersonation Attacks
35:38 Focus on Brand Reputation and Customer Trust
36:34 The Need for Protection Against Spoofing Attacks
42:46 The Window of Exposure and the Importance of Protection
43:29 Action Taken by Memsico to Protect Users
46:15 Marking and Tracing Stolen Credentials
D. Mauro (00:05.422)
wonder what happens after your customer clicks on a phishing email and winds up on a website that looks and feels exactly like your website but is in fact fake. It's called website spoofing and well lots of things, bad things happen. The financial destruction affects you personally as well as the authentic brand that is being impersonated.
D. Mauro (00:40.398)
Ever wonder what happens after your customer clicks on a phishing email and winds up on a website that looks and feels exactly like your website, but is in fact fake? It's called website spoofing. And well, lots of things, bad things happen. The financial destruction affects the customer, but it also affects you and your brand that's being impersonated. Did you know that
the actual brands like yours and like credit unions and banks are often liable for the damages that this social engineering tactic causes. In this video, we explore ways to prevent account takeovers and some innovative ways to reduce website spoofing. Gideon Hazam joins us to discuss a new way that they've created that can alert you in real time that your customers are on a site
that is impersonating your website and how they can stop attackers from getting private information. Bottom line, this is excellent for brands and it's a great way how to reduce cyber risk. Bottom line, it's excellent for brands and it's a great way how to reduce cyber risk from website spoofing. So join us behind the scenes. This is the story of Gideon Hazam.
and innovative ways to reduce website spoofing.
D. Mauro (00:02.826)
Welcome everybody to Cyber Crime Junkies. I'm your host, David Mauro In the studio today, I am joined by my illustrious, always positive co-host, the Mark Mosher. Mark, how are you today?
Mark Mosher (00:18.119)
Oh, wonderful, David. I'm excited about this podcast. This is going to be a great episode. Tell us about the guests we've got in the studio with us today.
D. Mauro (00:26.242)
is I'm very excited about today. So we have Gideon Hazam, who is the co-founder, COO and CSM of Memsico. And there's links in the show notes. But Memsico has a really unique and very relevant platform that they've developed. He's going to share with us all about that. And then we're going to talk about, you know, why it's so important today. But it protects people from account takeovers. It helps protect organizations and brands.
from cybercrime threats like brand jacking or website spoofing. Gideon, welcome to the studio, sir. We're very excited about having you.
Gideon Hazam (01:03.728)
Thank you very much David and Mark, thank you for having me and pleasure being here.
D. Mauro (01:09.654)
Well, you know, it's really interesting because the statistics are astounding. There's approximately 73 percent of consumers believe that it's the brand, the business that they believe that they're doing business with, even though fraud has happened and they're doing business with cyber criminals. Right. But still, 73 percent of consumers believe it's the brand's responsibility to prevent incidents like that, like web spoofing. We're going to.
get into what that is in just a second. And 47% of consumers said they're less likely to accept calls or texts from spoofed brands, and 50% of cybercrime in the US stems from brand impersonation. There's another statistic that I found where 81% of consumers would stop engaging with a legitimate brand after an attack with a spoofed brand.
So those are, at the end of the day, what that means is when an organization works very, very hard over decades sometimes, right, oftentimes, to establish their brand, their online presence, their in-person presence, their in-store presence, whatever it might be, and their brand gets tarnished, their reputation gets harmed through things called brand-jacking website spoofing.
and Memsico is seeking to help those organizations. So let's define terms if you don't mind. So what is website spoofing? Just if you can explain that. And then I want everybody to hear kind of your origin story and how you got started in this.
Gideon Hazam (02:49.61)
Yeah.
Gideon Hazam (02:55.568)
Yeah, all right, before I'm jumping into the website spoofing and terms, let me just say, or maybe react to the statistic that you share with us. So basically, the, let's say the common dominator of all this is basically digital trust, right? And this is the issue, practically, because when it comes on the digital world, you know,
If you don't trust things like text message, if you don't trust your email or you don't trust the brand that you associate with, then we have a problem.
And this problem is getting more and more, I would say, severe, especially since COVID came to the world. Because at that time, up until COVID, people used to get to the car, drive to the office, work from the office, and so on. But since COVID came to the world, things have been changed. And
we were required to remote remotely. And this opens huge opportunity, kind of opportunity for the bad actors because now everything is need to be accessible remote. Even the internal system, the internal application of the organization, they need to be opened to the internet for remote access.
D. Mauro (04:05.963)
Right.
Gideon Hazam (04:28.4)
So that was basically the trigger, the main trigger. And ever since the entire world got used to work hybrid and people not really going to the office every day now. So this is becoming kind of a epidemic issue in a way that for the bad actors, this is a great, great opportunity to...
exploit to compromise and trick people especially for account takeover. So going back to your questions regarding spoofing and how this impacts businesses. So spoofing is a kind of a general term for impersonation because if I can impersonate your website I'm spoofing your site. Now there
D. Mauro (05:17.89)
Right.
Gideon Hazam (05:26.856)
how to do this, right? One of the techniques is that I simply going to clone your site, okay? Cloning your site, having kind of a snapshot of a page, HTML page, or the entire site on my machine now, this is a clone. So I took a snapshot, I have a copy now. I can maybe, you know, customize this, change few things.
Mark Mosher (05:35.401)
All right.
Gideon Hazam (05:54.988)
and publish this as a phishing attack.
D. Mauro (05:58.227)
Right.
Gideon Hazam (05:59.016)
There are tools that do this online because as opposed to cloning, maybe I did a clone a month ago and I have a copy on my machine that I'm using now. But there are spoofing tools that doing this action on the fly. So they will bring the copy exactly, exactly. So they will do this exactly. So...
D. Mauro (06:18.975)
in almost real time, in real time. And they sell them on the dark web. Yeah.
Gideon Hazam (06:28.188)
So not only that, you know, we tend to think that it was kind of a professional job for hackers to do. But nowadays, you know, there are kits, phishing kits that you can obtain on the different dark web, dark net or others that allows you basically in a click on a button to generate a phishing attack on any brand you want.
And basically what it does, this kit is doing everything I said, but automatically it will replicate the website. It will strip out things, change few things, and it's up and running. So
D. Mauro (06:58.094)
Correct.
D. Mauro (07:15.746)
So in this scenario, you have ABC Company and ABC.com and somebody else is making something that looks exactly like ABC.com. They're going to send out hundreds of thousands of emails with the skill of enticing people through threat or loss aversion, meaning if you don't do this, something bad is gonna happen with a sense of urgency.
Gideon Hazam (07:27.444)
Mm-hmm.
Gideon Hazam (07:34.962)
Mm-hmm.
D. Mauro (07:41.654)
get people to click on that, that will redirect them to the spoofed site, not to the real site, not to abc.com, but abc.co or abc.whatever, right? But it's going to look exactly like abc.com. And then from there, when you enter your credentials or you transact business or you buy something from them, they're not going to deliver it. They're just going to take your money.
Mark Mosher (07:53.66)
Thank you.
Gideon Hazam (07:53.84)
Whatever. Yeah.
Gideon Hazam (08:00.37)
Exactly. And that's...
Mark Mosher (08:06.992)
Mm-hmm.
Gideon Hazam (08:09.668)
Yeah, so yeah apparently by the way this is uh you know yet another statistics to share is that more than 50% of the account takeover are based on phishing. So phishing became a method, a platform to trick people, to manipulate people, take their kind of identity or digital identity
D. Mauro (08:24.456)
Yes.
Gideon Hazam (08:37.844)
and use this for scams and anything else. So yeah, that's basically the problem. Now, there are solutions in the market to deal with this. So let me, David, with your permission, maybe I'll jump to what is it out there today to deal with this, okay? And what will make the difference?
D. Mauro (09:01.716)
Yeah, please.
Gideon Hazam (09:07.536)
with Memsico in place. So the traditional way to, by the way, can I share? Is it? Yeah. Yeah, so let me maybe share one slide just to explain what is the kind of evolution of
D. Mauro (09:17.119)
Uh, I believe so. Yeah. Go ahead.
D. Mauro (09:30.246)
Actually, why don't we do this? Why don't you just talk through that and then send me the slides? Because when I mix this in post-production, I'll edit these instructions out later, but when we edit it, then we'll have that there and we'll have you, meaning you don't have to share now, but act like you are and then you'll send me the slide. And then it'll be a high-def version of the slide rather than this version.
Gideon Hazam (09:35.17)
Mm-hmm.
Gideon Hazam (09:41.774)
Okay.
Gideon Hazam (09:49.761)
Okay.
Gideon Hazam (09:53.068)
Okay, so let's, oh yeah, perfect. So let's talk about the life cycle of a website impersonation attack, okay? So as I said earlier, you know, the attacks start with either cloning or spoofing online.
D. Mauro (10:06.678)
Mm-hmm.
Gideon Hazam (10:14.976)
Either way, I have now up and running phishing site, which is, you know, attacking the customers of the bank as an example. Now, the current solution in the market are related to threat intelligence services. So these threat intelligence services, basically what they provide, the example of the bank now, they provide a bank the service of detecting
D. Mauro (10:33.203)
Right.
Gideon Hazam (10:44.904)
this phishing site, which has a local live domain in one hand, or maybe has a local live content, right? Both ways, once this threat intelligence companies detect this and they have scanners and crawlers to look for this, once detected, the next step would be to start the tickdown, right, because ultimately we need to take it down.
Otherwise it's still attacking, right? So the process of take down is might take hours, days, weeks, sometimes even while, right? And then people tend to think that once this imposter site was taking down, the attack is over, we're all good. Apparently this is not the case because between detection and take down,
D. Mauro (11:24.79)
It can take a while, right?
Gideon Hazam (11:43.324)
there is what we call window of exposure. And within this window of exposure, people are still falling into this trick to this attack. Exactly. So that is one stage. Once the site was taken down, people as a set think that the attack is over, but it's not because from that point,
D. Mauro (11:46.092)
Right.
D. Mauro (11:55.126)
That's the most important time is that window of exposure.
Gideon Hazam (12:12.616)
the attacker has a list of credentials that he managed to harvest, right? So now all this credentials that he managed to harvest are in the hand of the attacker. He can now exploit this, compromise these credentials and use them or sell them in the dark web. He can trade it or he can use it.
So the attack is not over as long as the credentials are still out there, right?
D. Mauro (12:46.754)
And can I ask you, when you say credentials, do you mean the credentials of the host of the site, that ABC company, or the credentials of all of the individual customers that have accounts on that site?
Gideon Hazam (13:02.148)
Yeah, so we talk about the individuals, right? The customers, let's take the bank example, right? So we have a bank website, we have a login to the bank. So I, as a customer of the bank, I would log in through the web. I'm the victim, I'm going to be lured to get to, you know, to be phished later on.
D. Mauro (13:10.163)
Mm-hmm.
D. Mauro (13:15.243)
Right.
D. Mauro (13:26.334)
and they're gonna be able to log in as you and impersonate you, which has really dire consequences because that is, if they're able to know that password and because people's habits of reusing passwords are so common, and when you are reusing a password and you're reusing one for a banking site, that's probably one of your better ones.
Gideon Hazam (13:29.69)
Exactly.
Gideon Hazam (13:50.62)
Mm-hmm.
D. Mauro (13:52.914)
And so then they can go to other banking sites, they can go to retirement accounts, they can go to government accounts, things like that, and they can fully impersonate somebody. And they can essentially make them homeless. Maybe because they are that person, other than maybe fingerprints, they can totally pay people as you and spend your money. So the risk is very high.
Gideon Hazam (14:05.328)
Exactly.
Gideon Hazam (14:14.696)
Exactly, exactly. The risk is very high and going back to the life cycle of the attack. So with this two window of exposure, the harvesting part and data on the usage of this end user credentials, this is something that threat intelligence don't have. They don't have a way.
to detect this, to know who are the end users that were exposed, to know what credentials, user credentials are out there, and so on and so forth. So this is where Memsico come into the play, because we have, we also have take down services. We also have detection services. We have technology, not only scanners, that detect.
the imposter side in real time and not by scanning the internet. We detect this from the first potential victim that were exposed to this, only by clicking on the link and getting into this imposter side. From that point, that is basically one of the strengths of Memsico in this respect.
D. Mauro (15:19.746)
Right.
Gideon Hazam (15:31.928)
is that we provide the bank in the example of the bank, we provide the bank the full visibility of all the customers of the bank that were exposed to the phishing attack. We give them the names, the locations, when this happens. So if Gideon, as an example, was exposed to phishing attack, the bank will get these details in real time.
So this allows the bank, once they know this in real time, that Gideon is in a higher risk than before because he was exposed now. And the bank can take action immediately. They can block my account, they can stop my credit cards, they can do many things just because knowing that I was now turned to in higher risk score.
than before. So that's one part.
D. Mauro (16:32.894)
So it actually has even some longer term effects that can be put in play. That can, because of that overall risk score, the bank can take additional steps. Or the ABC company. Now that you brought up banks, let me ask you. Banks have specific FFIEC and certain other regulatory, depending on where they're located and where they're getting their funds, clearly.
Gideon Hazam (16:45.16)
Exit.
D. Mauro (17:02.806)
meets the financial institution compliance requirements, meaning there's also the reporting of it that's provided to bank ISOs or information security officers, things like that.
Gideon Hazam (17:18.756)
Yeah, yeah. Yeah, it's a good point and very relevant point, David. Basically, we comply with three ISO certificates. So it's on the corporate level, on the data level, and also on the cloud level. So we are certified. We also, by mid of this year, going to have SOC 2 on top of it. Yeah, yeah.
D. Mauro (17:37.866)
Excellent.
D. Mauro (17:45.586)
Excellent. That's great, Gideon. That's fantastic. I mean, those aren't easy to get. So, I mean, that's really fantastic. But I mean, clearly, banking is one industry. Like, there are so many other industries. Every industry has an online presence. Every industry could benefit by being aware and being able to address this in real time.
Gideon Hazam (17:49.553)
Yeah, yeah. Yes.
Gideon Hazam (18:08.313)
Mm-hmm. Exactly.
D. Mauro (18:10.62)
And that's really key.
Gideon Hazam (18:13.316)
Yeah, and moreover, I think that maybe this is speaking about banks now. So one of the things that we've seen during 2023 and even more this year is that there are more regulations coming into the financial industry that require banks and other institutes to compensate.
customers on any phishing attack. So if I'm a customer of the bank and I was lured to get into a local like domain which look exactly the same as the bank and I was compromised, the bank will
D. Mauro (18:58.894)
so the liability may fall on the actual original bank, even though they had nothing to do with it. Wow.
Gideon Hazam (19:02.732)
Exactly. And I can tell you that, for instance, in the UK, yeah.
D. Mauro (19:09.846)
That'll be interesting. That'll be debatable, right? I mean, that'll be interesting because, I mean, it probably won't be debatable. If the regulation gets issued, it's pretty much done. But that's gonna be a major challenge, especially if that grows beyond the financial institutions, or if it applies to the umbrella term of financial institutions, right? Because that can just...
that can happen, that could all of a sudden be applicable to wealth management groups or CPA firms or real estate trusts and mortgage banks and the small mortgage brokers. And a lot of these are small businesses.
Gideon Hazam (19:48.37)
Mm-hmm.
Exactly, exactly. And the impact is huge. I can tell you that in the UK, for instance, only last year, the banks in the UK had to compensate their customers in hundreds of millions of pounds just because of that. So this is kind of, you know, expanding. Yeah.
D. Mauro (19:52.758)
Oh, that's burdensome. Yeah.
D. Mauro (20:13.07)
That's a void. That is, yeah, that's a void. That's at the front lines of cyber crime, where it's really happening online. And you're right. I mean, ever since COVID happened, everything has an online component, even when people shop at retail stores now. They don't even, even though COVID is essentially not a daily issue. People now are so used to the
Gideon Hazam (20:27.833)
online.
D. Mauro (20:40.558)
curbside pickup or whatever, they've developed it into their habits where they're choosing to shop that way and things. So there's all that online component first as opposed to I'm just gonna run to the store and walk around and pick out what I want. So culturally there's been a massive shift.
Gideon Hazam (20:44.722)
Mm-hmm.
Gideon Hazam (20:55.808)
Exactly. And for as far as Mexico, you know, our traditional market is the financial one, although we have, you know, in e-commerce, we have in retail, we have other, you know, educations. Any
D. Mauro (21:11.122)
Makes sense.
D. Mauro (21:18.43)
I could see retail and e-commerce would be big too.
Gideon Hazam (21:21.352)
Probably, yeah. So, and since this regulations that I just mentioned becoming more, let's say strict regulation and the suspect, we're getting more and more customers coming from the financial market approaching us just because of that, right? So we have more, you know, we have big banks in North America, in the UK and other countries and...
D. Mauro (21:34.079)
Mm-hmm.
D. Mauro (21:42.611)
Absolutely.
Gideon Hazam (21:50.78)
that in many cases that is the trigger that they kind of approaching this.
D. Mauro (21:58.426)
And the way that you guys deliver this, is there a watermark that is put on? How does that work? Is there a watermark on a legitimate site or is the fake site watermarked?
Gideon Hazam (22:06.641)
Yeah, so.
Gideon Hazam (22:11.556)
Okay, so our solution is basically a build of a few functionalities. One is Watermark. Watermark that we developed, it appears on the authenticated site, on the real one, right? And this is kind of providing the authenticity to the end user that when he visits the site,
D. Mauro (22:29.09)
Very good.
Gideon Hazam (22:39.616)
is going to see something within that watermark which only he can recognize. That watermark is unique per each user. Okay? It does not go over the internet so no one can intercept it and it's unique. It's unique per user. Exactly. So it's unique per user.
D. Mauro (22:55.076)
Oh, so it's unique per user.
Oh, that's interesting.
Gideon Hazam (23:02.892)
it resides only on his machine, it doesn't require to download or to install anything, it's all done automatically. And every time for me as the end user visiting the site, I'm going to see a small digital watermark pop-up showing me a code and animation which only I can recognize. So this cannot be forged, cannot be copied or cloned.
D. Mauro (23:06.146)
Hmm
D. Mauro (23:09.674)
Right. It's agentless.
Gideon Hazam (23:33.024)
and hence providing me the authentication that I'm in the real side. Now if I'm visiting a fishing side of the same domain I would not be able to see the watermark because the watermark cannot be cloned. So for me it's kind of a binaric indication either I see the watermark or either I don't. If I don't I'm in the wrong place. Okay.
So Watermark is one level of detection and protection that we provide the customers, the end customers. But behind that, we have a series of detection and protection capabilities that eventually going to in one hand report a lot of things to the brand. Let's pick up few examples here.
So if the bad actor going to clone the site of the bank, the bank is going to be notified in real time. Not only.
D. Mauro (24:38.714)
Okay, so if ABC Company gets their site cloned to another ABC Company,.com or whatever, then the original brand will immediately be alerted. Your site has been cloned. That'll be very helpful. That would be very helpful, I would think.
Gideon Hazam (24:52.332)
Exactly, exactly. And not only saying your Cyphers cloned, we can say, okay, for what machine, for what device, and since we have kind of a device DNA technique behind the scene, we know each and every customer of the bank. So if this is the fraudster,
who is going to make that clone, we will be able to distinguish between the legit user and the bad guy. So this is one type of alert. If someone is going just to investigate the website of the bank, just investigating, we will detect this as well and provide this information to the bank.
D. Mauro (25:22.775)
Hmm.
Gideon Hazam (25:49.928)
So we covered investigation, we covered cloning. Now let's move on next. Next is spoofing. So if the bad actor are going to create a real and publish in postal site of the bank, we will detect this as well in real time. But at this point, and that's the interesting part, at this point, we will also discover all the end customers.
that were exposed to the phishing attack. Okay.
D. Mauro (26:22.946)
So the, okay, so the, now how does it walk me through that? So you're telling me that the, like, if 10,000 of ABC Bank customers are phished and several of them have gone to this site, let's say a hundred of them have gone to this site, you will be able to tell the bank these hundred went to the site. Okay.
Gideon Hazam (26:48.716)
Exactly. And not only say this kind of after the fact, we detect this in real time. So, yeah.
D. Mauro (26:54.878)
No, immediately. Right. Like, 100 people have gone to the site in the last 20 minutes. Right. Check this out. Okay. So the bank can not only be alerted that their site was spoofed, but that these customers that they know now to connect to, they can reach out to them proactively and tell them that the site that you're on, you might still be on it. The site that you're on is not good. It's fraudulent.
Gideon Hazam (27:00.568)
Exactly, exactly. More.
Gideon Hazam (27:11.954)
Mm-hmm.
Gideon Hazam (27:15.909)
Yeah.
Gideon Hazam (27:23.424)
Yeah, so we have here a little bit of advanced technology as well, so the bank will not need to call the customer to say that, because we're going to alert the customer on the screen in real time. He's going to get a red alert without having an agent.
D. Mauro (27:41.546)
without having an agent on the customers.
Okay, walk us through that, please. So what does a customer see? I don't need to know the technology behind it, but tell me what the customer experiences.
Gideon Hazam (27:49.656)
Okay.
Gideon Hazam (27:56.744)
So the customer experience would be that he's visiting an imporcial site of the bank. Once he click on the link and he opened this on his browser, he's going to be alerted immediately with a red alert on the screen telling him, hey, watch your warning message. This is an imporcial site. Kind of stay away. You're not in the real bank here.
D. Mauro (28:04.894)
Mm-hmm.
D. Mauro (28:10.439)
Mm-hmm.
Gideon Hazam (28:26.012)
At the same time, on the same time, but, yeah. On the same time, when this is happening, the bank will get this alert as well and tell, yeah, we know that David was exposed now. David also saw the red alert. So we gave the bank the indication that you also were alerted.
D. Mauro (28:27.455)
That is really helpful. That was really impactful.
D. Mauro (28:49.314)
that.
Excellent. And that's all done in real time. And does that feed into the bank's SOC or the Security Operations Center? Does it feed into the bank's MSSP? Let's say they have an outsource SOC.
Gideon Hazam (29:04.836)
Yeah, so both options apply. So basically, exactly, exactly. So we have our own dashboard, right? And the bank can use its own, you know, SIEM system if you want. And we can inject the alerts from our system to their system. So we have all options, but not.
D. Mauro (29:08.33)
It all depends on what the bank is doing, basically.
D. Mauro (29:22.443)
Mm-hmm.
D. Mauro (29:30.146)
So the logs can just feed right into the SIM that the SOC is doing, or if not, let's say it's a community bank and they might not have SIM or whatever, then they can still use your dashboard.
Gideon Hazam (29:33.869)
Exactly.
Gideon Hazam (29:39.29)
Exactly.
Gideon Hazam (29:42.968)
Yeah, exactly. But moreover, David, the one of the interesting thing here is that if we speak about integration, we also have an API, right? And this API basically allows the bank, we still kind of using the bank as an example, but this applies to any organization.
D. Mauro (30:02.834)
Yeah, sure, of course.
Gideon Hazam (30:05.56)
So this API basically injects some of the data or the relevant data directly to the risk and fraud system of the bank, right? So we feed this information in real time so they know David was just was exposed to a phishing attack.
David is in high risk. The backend system of the bank, the risk and fraud system are up to date now with this information and they can take action immediately. They can say, okay, we freeze your account and we give you a call, say, we know for sure that you were exposed, right?
D. Mauro (30:51.67)
Right.
Gideon Hazam (30:51.824)
We don't know for sure if you were compromised, but we're taking some precautions here and proactively we're doing this and that, okay? So by the way, this is a real use case. We have banks that using this in real time and we have this integration with the risk and fraud and it's working very well.
D. Mauro (31:06.008)
Yeah.
D. Mauro (31:17.818)
So let's back up a second. So when was Memsico founded? And how did you, I know when you were a young boy, you didn't grow up thinking, this is what I'm gonna do. Like I'm gonna create something that will help banks detect fraud websites because I can't believe I'm in cybersecurity because when I was growing up, it wasn't even a thing. It didn't even exist really. So how did this...
How did your origin story happen? How did you first get into technology and then discover a passion for this?
Gideon Hazam (31:46.562)
Yeah.
Gideon Hazam (31:51.092)
Yeah, so good question. Basically, you know, if we're looking at the management of Memsico, so we are basically four founders that founded Memsico three years ago, but this group of four founders, we've been working together for nearly, I believe more than 30 years now. So yeah, so we all technologists, we all came from, you know, computing
D. Mauro (32:13.281)
Oh, well.
D. Mauro (32:17.496)
Mm-hmm.
Gideon Hazam (32:20.792)
institutions at the beginning and ever since we've been working together and it's not our first startup that we established, right? So you said, you know, I don't know what's the age here but if we go back to the 90s, right?
D. Mauro (32:32.738)
Got it. Yeah.
D. Mauro (32:41.238)
Yeah, I was gonna say you guys were together even before everybody was worried about Y2K, which is back when I got into it and I was like, even when it was going on, I was still like this is not gonna even happen. I can't believe they're paying us to protect them from Y2K, right? That's ridiculous.
Gideon Hazam (32:52.693)
Exactly.
Gideon Hazam (32:57.78)
Yeah, so going back to the 90s where cyber term was not there yet, but security, but security was. So we had a startup back in the 90s, it called Memco, Memco software. And basically, we develop a unique security protection for open systems like Unix and Linux.
D. Mauro (33:04.63)
Right.
D. Mauro (33:09.111)
Right.
D. Mauro (33:17.119)
Okay. Interesting.
D. Mauro (33:25.751)
Ah, okay.
Gideon Hazam (33:26.972)
To make the long story short, it was great success. And eventually, Computer Associate acquired us for big money. And ever since, by the way, more than 20 years, our solution is still being used. And I think CA is selling hundreds of millions of dollars per year just on our solution. So I'm saying this because this is
D. Mauro (33:35.373)
Yeah.
D. Mauro (33:42.338)
still being used.
D. Mauro (33:52.987)
Unbelievable.
Gideon Hazam (33:56.188)
This is basically our background. We came in from the security world. We know that. And so going back three years now, and what's basically was the trigger to establish Memsico. So we took a time, and this has literally happened. We took six months of studying and researching and meeting with...
D. Mauro (34:01.452)
Yep.
Gideon Hazam (34:24.392)
CISOs, CTOs, CEOs, all C levels around the globe, right? Mainly in the US, Europe and other countries. A lot of people that we know from past experience and the thing that we actually met and discuss with them was what are the main challenges that they see in terms of impersonation attack on their brand?
D. Mauro (34:26.507)
Mm-hmm.
D. Mauro (34:38.882)
Mm-hmm.
Gideon Hazam (34:54.088)
Okay, because, and we touched this at the beginning of the meeting today, but a lot of companies were focused on the internal security parameter, right? You know how.
D. Mauro (34:54.28)
Mm-hmm.
D. Mauro (35:08.55)
They're worried about the anomalies and the threat actors when they get inside their network. That's where most of the discussion, but this is more the brand reputation and the ultimate customer trust, which is to me the crux of it all. This is why I was excited about having you on because the brand reputation organizations today, and correct me if I'm wrong, based on all the research you've found too, and you've been in the industry for a long time.
Gideon Hazam (35:14.006)
Exactly.
D. Mauro (35:38.334)
I mean, they'll spend most of their time, revenue, resources at building the brand, but they will fly it without a lot of protection, right? And they don't understand very often, partly because the cybersecurity community has done a pretty poor job of communicating.
Gideon Hazam (35:49.565)
Mm-hmm.
Gideon Hazam (35:54.491)
Exactly.
D. Mauro (36:04.846)
to them, right, that they are flying it at high risk. And then they get torpedoed, right? And not just indirectly by somebody breaching their own network, but by their digital footprint and their website and the brand jacking that occurs. Because that is much more common. And from a technical perspective, it's much, it's a little bit easier for threat actors to do.
Gideon Hazam (36:25.019)
Yeah.
D. Mauro (36:34.662)
And that's where most consumers are being drugged into the mix. And that's where a lot of the liability is. That's where Memsco kind of came in, came into play, right?
Gideon Hazam (36:44.004)
Exactly, exactly, exactly. And basically that type of information we gather from all the, you know, research and interviews that we've done and we kind of pinpoint exactly what are the challenges and one of the major one was how do I know as an organization, whom of my customers were exposed, whom of my customers are at risk.
D. Mauro (36:54.274)
Yep.
Gideon Hazam (37:12.028)
How can I protect them? How can I know what is the magnitude of these attacks? So this is something that basically was the foundation for us to develop our platform. And ever since three years now, we have nearly three years now, we have about 50 customers already.
globally. We are nearly 50 people on board. We're still growing. We have two big venture capitals that American ones that invested in the company as well. And we see, you know, and we have a very, I would say,
interesting roadmap going forward because we have a lot of other things to add and we're working to edit as we speak. So...
D. Mauro (38:11.734)
Well, that's fantastic. And it's really unique because when you think about, this is not something in the toolbox of a lot of SOCs. And it is something that decision makers and people that the SOC team and the defenders need to report to, right? That the decision makers ultimately care about, right? The stakeholders at the end of the day care about the
Gideon Hazam (38:24.42)
Mm-hmm.
D. Mauro (38:40.878)
customer-facing trust and reputation. And so, Memsco is kind of coming in from a different angle, right? Something that is very prevalent in the tens of billions of dollars a year and saying, here's another element of your threat and risk landscape that a lot of organizations aren't really addressing.
Gideon Hazam (38:44.848)
Yeah.
D. Mauro (39:05.162)
So many of them are focusing on the endpoint detection and the SIMs and things like that when they were getting into their network because their site is hosted somewhere else, right? The site is hosted by some third party vendor or something, right, but they're not realizing that risk.
Gideon Hazam (39:05.58)
Exactly.
Gideon Hazam (39:16.326)
Mm-hmm.
Gideon Hazam (39:20.808)
Yeah.
Gideon Hazam (39:25.496)
Exactly. And I can, you know, speaking about SOC in general, it reminds me that one of the, you know, the biggest partners we have is Deloitte. Deloitte, yeah, Deloitte globally acknowledge the values and the capabilities that Memsico can provide Deloitte customers.
D. Mauro (39:39.13)
Ah, phenomenal.
Gideon Hazam (39:54.068)
So Deloitte has MSSP and SOC as a service to their customers. And basically Deloitte now is using our technology to detect, protect and do actions for their customers. And this is going very well, you know, in the States, in the UK, in Spain and other countries. So Deloitte has really became a great partner.
D. Mauro (39:58.934)
Mm-hmm.
Gideon Hazam (40:23.291)
respect and we have more.
D. Mauro (40:26.006)
Yeah, makes perfect sense. And I could see you going through the, and Memsco going through, through various channels as well, like through the MSP, MSSP channels, because I could see MSPs and MSSP's needing this to add to their toolbox of what they can offer customers.
Gideon Hazam (40:38.532)
Yeah. Exactly.
Gideon Hazam (40:49.092)
Yeah. So that was there's.
D. Mauro (40:50.41)
I mean, because it can expand far beyond the financial sector as well. I mean, manufacturing, retail, even small businesses could use elements of this, right? Platforms like this. Is this an offering that small business can engage with?
Gideon Hazam (40:57.037)
Exactly.
Gideon Hazam (41:08.94)
Exactly.
D. Mauro (41:17.43)
with you on or is it more at an enterprise grade level? Meaning do you have a Memsico light for small business? Like is there? Okay, excellent.
Gideon Hazam (41:28.768)
Yeah, so we do have. So we have customers that are very small. We have mid-sized customers and we have enterprises as he said. Because the solution is there for anyone. You can be a small business, but you can be very vulnerable or very targeted. And because of that, exactly.
D. Mauro (41:34.538)
Yep. Excellent.
D. Mauro (41:42.274)
Right.
D. Mauro (41:48.506)
Oh yeah, and that can totally destroy them, right? I mean, that's, you know, and the bulk of, you know, in the technology space, everybody always likes to focus on enterprise, but the truth is the bulk of people are employed by small to mid-size employees, employers, right? And so if we can drive some of these solutions downstream in size,
Gideon Hazam (42:06.567)
Mm-hmm.
D. Mauro (42:16.466)
of the organization. It can really help American society as a whole, North American society. So that's really good. This was really helpful. You know, talking about the dangers posed by spoofing attacks and the window of exposure was really, really interesting. You've really
Gideon Hazam (42:16.668)
Mm-hmm.
Gideon Hazam (42:24.108)
Exactly.
D. Mauro (42:46.198)
Before we wrap up, can you reiterate some of those, highlight some of those? Like there's three windows of exposure that any organization with a website and a digital presence is gonna have.
Gideon Hazam (42:53.424)
Yeah, so.
Gideon Hazam (43:01.7)
Right, so David before I'm doing this if time would allow us maybe taking a couple minutes there's you know we talk about detection, we talk about alerting, but we didn't talk about action and one of the okay so one of the actions that Memsico does or provide is that let's take this scenario as an example
D. Mauro (43:11.629)
Mm-hmm.
D. Mauro (43:16.638)
Yeah, let's talk about the action. Yeah, what action is taken?
Gideon Hazam (43:29.344)
if the victim or the potential victim is being lured to get into a phishing site of the brand and let's say he is ignoring the red alert okay and he's proceeding to the login page and he's going to put in his user credentials username and password
So we have a very unique technology which is behind the scene. No one really can see this. And this technology, what it does on the imposter side is going to scramble and mark the credentials of the victim on the way to the fraudster. So...
D. Mauro (44:13.246)
Okay, so hang on. Hang on a minute. You're telling me I really like this. So the crime fighter in me, the Batman in me is loving this. So you're telling me on the fraudsters site, on the cyber criminals spoofed site, you have Mrs. Buttermaker. She's she's ignoring the red alert because.
Her kid sometimes games on her computer and she's working from home and she's like, it's probably something Johnny did, whatever, and she still proceeds to put her credentials in. It will encrypt essentially, it'll truncate her credentials in between her entry of them and the receiving of it by the cyber crypt.
Gideon Hazam (45:00.928)
Exactly. So not only, yeah, so not only we are changing this on the fly, we're going to market it. Okay, so it's like, you know, fake currency bills, you know, sometimes the police doing this marking bills that they can trace. So once the bad actor getting this marked credentials,
D. Mauro (45:02.459)
Outstanding.
D. Mauro (45:11.703)
Mm-hmm.
D. Mauro (45:15.885)
Right.
D. Mauro (45:19.135)
Yep.
Gideon Hazam (45:27.476)
doesn't know that they are marked, he doesn't know that they were kind of scrambled or changed, he thinks that he did very well, he harvested many of these and now he either is going to try them on right away or he's going to sell them on the dark web and someone is going to try this a month from now. Either way, once someone is going to try these credentials on the real site
okay, on the authenticated side, we will detect this. We'll say, oh, we know these credentials, we changed them. We know these marking buttons and we detect this in real time. So we can also trace back to the to the bad actor as well. Exactly.
D. Mauro (46:15.918)
to the seller, to the seller, yeah. So you even mark the faked credentials, the truncated credentials, the encrypted credentials, the changed credentials, so that later if they're sold, you can track them.
Gideon Hazam (46:25.883)
Exactly.
in the circle.
Exactly, exactly. And this is a very, very powerful capability. Yeah.
D. Mauro (46:37.39)
Yeah, that's really powerful. That's really powerful.
Gideon Hazam (46:43.673)
and basically we protect the victim even without him knowing that we did it behind the scene, right? So the bank is going to get all this information.
D. Mauro (46:55.13)
Oh, and the hacker doesn't even, the threat actor doesn't even know it.
Gideon Hazam (46:59.917)
Exactly.
And you know, time will not allow us, but obviously we have more functionalities, more capabilities, other than that one.
D. Mauro (47:14.626)
But that's interesting. Look, I mean, every technology has features and benefits, and those are great and everything, but that's really powerful because it is a cause for wanting to have this involved in your overall risk management and your overall cyber information plan, right? I mean, this is really, really key.
Gideon Hazam (47:25.06)
Mm-hmm.
Gideon Hazam (47:39.7)
Thank you.
Exactly.
D. Mauro (47:43.686)
Are you in this space? Are there larger brands that have something similar? Are you guys competing against, you know, coming up against the, I don't know who would be in this space, I don't know if CrowdStrike or SentinelOne or any of those are in this space.
Gideon Hazam (47:54.265)
So
Gideon Hazam (47:58.189)
Yeah.
Gideon Hazam (48:04.532)
So the answer is no. You know, we are unique. Yeah.
D. Mauro (48:07.91)
Lucky, lucky you. Because this is the first time I've heard of this. So this is that's why I was like, I probably don't know. But that's why I wanted to ask.
Gideon Hazam (48:16.42)
Now, we're unique. We have some patent registered as well. So we have like, you know, take the digital watermark as an example, this is unique to us. And we have a patent file for this and we have more. So this is really exciting, really promising and going to the point of, you know, wrapping up the, you know, the cycle.
D. Mauro (48:26.531)
Mm-hmm.
Gideon Hazam (48:45.896)
So remember that, you know, detection, this is one part. Protection, this is another part. And providing action is the third part. So this is the, let's say if we look at Memsicle platform, this is what we cover, detection, protection and action. But remember that in the life cycle of any attack, they are
D. Mauro (48:51.371)
Mm-hmm.
D. Mauro (48:59.768)
Mm-hmm.
Gideon Hazam (49:14.748)
window of exposures that are not covered and this is exactly what MAMSICOR provides. The protection on the end user in real time, no matter what. So I can tell you without disclosing obviously the name, but one of the banks that using us already stated that they saving a bit more than one million dollar a month.
D. Mauro (49:20.928)
Right.
D. Mauro (49:29.227)
Yep.
Gideon Hazam (49:44.136)
since they start using us, because they stop compensating customers just because of that.
D. Mauro (49:46.679)
Wow.
D. Mauro (49:54.678)
Right. Because it stops it.
Gideon Hazam (49:57.403)
Exactly.
D. Mauro (50:03.03)
That's fantastic. That's really interesting. It's such a unique approach to the threat landscape. You know, that's very good. That's really interesting. Yeah, and account takeovers, I mean, let me ask you this. Does this do anything? And it's fine if it's not, maybe it's not designed for it. Like it doesn't solve every threat, you know, window. But does it...
Gideon Hazam (50:08.47)
Mm-hmm.
Exactly.
Gideon Hazam (50:30.105)
Mm-hmm.
D. Mauro (50:33.678)
How does the, you know, on the dark web, which, you know, by the way, is right there, right? Like, it's like if anybody's interested in, oh, the dark web is really mysterious. No, it's just on a computer right there and that I'm pointing at. Like, yeah, it's behind me. Like, if anybody can access the dark web. On there, there's all these marketplaces, you know, and they sell, you know,
Gideon Hazam (50:49.677)
It's behind you, yeah.
D. Mauro (51:02.538)
you know, ATM cards, fake credit cards, things like that. If somebody gets an ATM card and tries to use it, or somebody's credit card, does Memsco get involved in any of that protection, or is it not designed for that?
Gideon Hazam (51:18.74)
So, generally speaking, it's not designed for that, but mentioning credit cards, we do have kind of a solution for credit cards as well. But the usage of credit card online, right? Not in the shop. So one of the things that obviously our customers would do is that they will try to steal your credit card numbers and details. And...
D. Mauro (51:33.502)
Right, correct. Right.
Gideon Hazam (51:46.396)
So using the same concept of scrambling and mocking the credentials of the user, we have the same concept for credit card number. So if the victim is entering a credit card number in let's say a payment page, and that payment page is basically a fake one.
D. Mauro (51:59.649)
Mmm.
D. Mauro (52:13.247)
Right.
Gideon Hazam (52:14.292)
We will do the same action behind the scene. We're going to scramble and change and mark. And the, this is by the way, it's a bit more complicated because we, you need to keep a very, there is a format for credit card numbers that you need to keep using all the time. So we have this also developed. So the fraudster going to get,
sort of legit number of credit cards, but this is not the credit card of David that just entered them into this page.
D. Mauro (52:53.822)
they'll get a scrambled and marked number. Oh, that's fantastic. And in behind the scenes, without explaining the technical aspect, but it's tied to the main site of the site, right? Like abccompany.com, what you're doing is you're identifying whether that is replicated elsewhere online, right? So it's really tied to what their online presence is.
Gideon Hazam (52:56.269)
Exactly.
Gideon Hazam (53:19.857)
Yeah.
Gideon Hazam (53:23.672)
Yeah, so we're not protecting customers and customers, no matter what, we're protecting the customer in relation to the domain that we are protecting. So if we are protecting abc.com, as an example, all the customers of abc.com are the ones that we're going to be protecting basically.
D. Mauro (53:46.926)
Right, exactly. Well, that's phenomenal. Gideon Hazam, thank you very much. We will have links to Memsico and we invite people to check this out. And this will be something I know that we will see at the trade shows and in the industry because this is really unique. It's one of those
vectors that people don't always talk about, right? And you guys have really identified, it's like you've been doing this, it's like you guys know what you're doing. So who are some of your other partners? Like are they local in the US? Did they come up together with you? Are they international?
Gideon Hazam (54:19.27)
Exactly.
Gideon Hazam (54:24.625)
Mm-hmm.
Gideon Hazam (54:34.036)
So yeah, so basically we are an American registered company. We have offices in different locations, but the American...
American market is our main target market. We have Deloitte, we have other channels and partners in the US, also in Canada, also in Latin America, so we have now customers in Mexico and other countries. So yeah, so basically we are very well covered in that respect.
D. Mauro (55:06.626)
Phenomenal, yeah.
D. Mauro (55:14.91)
Well, that is great. Well, I guarantee this will not be the last time we speak. So that is that is really good. We wish you guys nothing but the best. And as you guys evolve and as Memsico becomes a household name or a house in bank name across the globe, I hope that you will come back and visit with us when you're too big, when you're too big. And Wall Street Journal is calling you and.
Gideon Hazam (55:39.216)
Okay.
D. Mauro (55:43.498)
You're too big and you'll be like, yeah, you started on cybercrime junkies. Don't forget that. So this is really good. So we wish you the best and thank you so much.
Gideon Hazam (55:47.12)
Yeah, yeah, I won't forget this. I won't forget this.
Gideon Hazam (55:53.832)
Thank you very much, David. Thank you for having me. It was really interesting discussion.
D. Mauro (55:56.386)
Thank you. Yeah, it was a phenomenal approach to a really important risk that organizations have today. So thank you for what you guys are doing. Thanks.
Gideon Hazam (56:07.164)
Thank you. Thank you.