Long Reads: A chance meeting cost this CIO £400,000

Betrayal, bewilderment and Bank of America

Tom Allen
clock • 7 min read

Why is an insider threat even more dangerous than the hacker in the shadows? Because it’s not the mugging in the dark that hurts the most – it’s the knife in the back.

Crashing down

Finally, after Ghedia convinced Wayne and Nicky to transfer another £40,000 into a separate fund - while cooked statements showed the original growing nicely, up to £1.7 million - they alerted Bank of America. A month later, Wayne got a call that changed everything.

"On June 12th, 2020, at 13:02, my world came crashing down. I got a call from Action Fraud to say my case was being handed over to the City of London Police and to expect a call. Shortly after, a detective constable called to brief me. He said he would check again with BofA Internal Investigations to see if my investment account did actually exist."

The follow-up call confirmed it: There was no such account. Ghedia, a criminal employee operating inside Bank of America, had manipulated systems, bypassed safeguards and stolen more than £600,000 from his victims.

The fallout

Ghedia was fired from Bank of America on 3rd June. He was arrested two months later, in August 2020, and went on to pull off another scam - this time against his insurer, for £1.2 million. He spent 2021 in and out of police stations.

While Covid-19 delayed Ghedia's day in court, he was eventually sentenced to nearly seven years in jail in June 2022 - by which time he had already been behind bars for six months, for breaching bail.

"I went to the sentencing day in court. First time I've ever been in a court. I wanted to see him, to make sure that he knew what I'd done [to put him there]."

Still, it was weak salve for a wound that had cost Wayne and Nick £400,000. As well as the £180,000 they deposited - £150,000 of which they have got back - they also took money from their own savings and used government Bounce Back Loans to keep paying staff when the investment failed to pay out.

Looking back, Wayne is still sure he did almost everything right - but it's the "almost" that cost him.

Speaking now from a position of regretful experience, he says anyone who thinks they might be in a similar situation should always speak directly to senior people in the organisation they're dealing with. He missed out on that because Ghedia was so careful to ensure he had his victims' trust.

Not trusting anyone at face value is, understandably, his second maxim.

"Do a bit more work just to be 101% sure. I might have been 99% sure, but the good criminals know how to get around things."

And finally, verify everything. If someone is urging you to transfer money, even - especially - if they're in a position of trust, check them out; from their digital footprint to their work history.

"When I look back on it, every step, I now say, ‘Why did I not pick it up?' But then talking to other people who've been done over, they say, ‘Look, it can happen to anyone.'

"Maybe it can, but these criminals are becoming more astute. They're using technology to their advantage, and they're able somehow to bypass controls and governance.

"And I don't know how he - or maybe they - did it."

Even the most experienced IT leader can fall victim to the right scam, and as Wayne can attest, being a victim is horrific - the journey before, during and after is a rocky road.

Thankfully, there are initiatives like the Security Awareness Special Interest Group, National Insider Threat Awareness Month (September) and Cybersecurity Month (October) that offer support and help.

Wayne is pushing for his story to drive more accountability on financial institutions, tighten regulations on cyber fraud, and act as a wake up call for regulators like the ICO and FCA that these crimes are real and have a huge personal impact on victims.

Computing is following the data protection side of the case up with the ICO now. To date, the regulator has insisted it won't deal with criminal cases. At the same time, the police insist anything involving data should go via the ICO.

It appears that cases like Wayne's have fallen down the cracks.

If you or someone you know has suffered a similar incident, and had trouble dealing with the ICO and law enforcement, please get in touch.

Related Topics

You may also like
MoD hack: IT contractor concealed major hack for months

Hacking

MoD hack: IT contractor concealed major hack for months

SSCL was reportedly awarded a contract worth over £500,000 in April, despite the breach occurring weeks earlier

clock 13 May 2024 • 2 min read

Security

CISOs call to ditch the 'stigma of blame' in cybersecurity

Ditching ‘Humans are the weakest link’

clock 13 May 2024 • 2 min read
Dell confirms data breach affecting 49m people

Hacking

Dell confirms data breach affecting 49m people

No financial info stolen, but names and addresses were leaked

clock 10 May 2024 • 2 min read
Tom Allen
Author spotlight

Tom Allen

View profile
More from Tom Allen

CISOs call to ditch the 'stigma of blame' in cybersecurity

Cybersecurity Festival 2024: Four ways to cut your cyber insurance premiums

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security

Security

CISOs call to ditch the 'stigma of blame' in cybersecurity

Ditching ‘Humans are the weakest link’

Tom Allen
Tom Allen
clock 13 May 2024 • 2 min read
IT Essentials: A cyber staycation
Security

IT Essentials: A cyber staycation

The UK made headlines in security news

Tom Allen
Tom Allen
clock 07 May 2024 • 3 min read
Microsoft: last year we tracked 200 major threat actors, now it's 300
Security

Microsoft: last year we tracked 200 major threat actors, now it's 300

Microsoft chief security adviser Sarah Armstrong Jones calls for more collaboration on AI and security

John Leonard
John Leonard
clock 07 May 2024 • 2 min read