A story of a bank fraud private investigation, authored By Robert Mann, Director of Worldwide Intelligence Network.
WHICH EMPLOYEE STOLE THE COMPANY’S MONEY
Occasionally we share a bank fraud private investigation case we conducted with the public that we believe is vital intelligence that may prevent them from becoming a victim of a highly sophisticated cyber intrusion that would target their company’s bank account. The following is about an investigation we conducted on behalf of a Beverly Hills entertainment company who discovered a large sum of money was stolen from their bank account. They suspected the culprit might be someone in their employ and they asked our help in determining who could have perpetrated the crime. Prior to accepting the assignment our Director of Operations conferred with the prospective client and suggested that in addition to the employee interviews he would like one of our cybercrime specialists to look at the company’s computers. We learned all the company’s employees use Apple/Mac Laptops.
WITH BANK FRAUD, ALL EMPLOYEES ARE SUSPECT
We accepted the assignment and commenced interviewing all of the employees separately while our cyber specialist examined each of their laptops for any unlawful intrusion/hack. During the interviews, we learned that the entire staff had a meeting a week or two before the theft about how not to open any document or link that appeared suspicious. We found it rather unfortunate while interviewing one of the employees who admitted to opening a PDF link to a document she thought came from her boss.
THE HACK IDENTIFIED
Our cyber specialist tracked down that particular PDF document and identified it as one that contained rather sophisticated malware. The link to the PDF document was an instruction to this specific employee to send a wire transfer to a particular vendor. The document appeared to be signed not only by her boss but also by the CFO of the company.
THE INCREDIBLE PATIENT HACKER
As the investigation progressed, it became apparent that a very sophisticated hacker had studied the processes the company used to issue payments from their account payable system and duplicated a bogus account payable account and have it appear as if it had gone through all the proper channels with the authorized signers’ emails listed on the PDF document.
It did not take long to uncover that an unlawful intrusion by someone with an infinite amount of patience and endurance penetrated their account payable system and pulled off a theft involving a rather large sum of money withdrawn from our client’s bank account.
ALL EMPLOYEES CLEARED
There was no happy ending to this bank fraud private investigation case, except to say that all of the employees were cleared of wrongdoing. It is also a lesson always learned verbally to verify any instrument requesting a wire transfer.