Long Reads: A chance meeting cost this CIO £400,000

Betrayal, bewilderment and Bank of America

Tom Allen
clock • 7 min read

Why is an insider threat even more dangerous than the hacker in the shadows? Because it’s not the mugging in the dark that hurts the most – it’s the knife in the back.

Crashing down

Finally, after Ghedia convinced Wayne and Nicky to transfer another £40,000 into a separate fund - while cooked statements showed the original growing nicely, up to £1.7 million - they alerted Bank of America. A month later, Wayne got a call that changed everything.

"On June 12th, 2020, at 13:02, my world came crashing down. I got a call from Action Fraud to say my case was being handed over to the City of London Police and to expect a call. Shortly after, a detective constable called to brief me. He said he would check again with BofA Internal Investigations to see if my investment account did actually exist."

The follow-up call confirmed it: There was no such account. Ghedia, a criminal employee operating inside Bank of America, had manipulated systems, bypassed safeguards and stolen more than £600,000 from his victims.

The fallout

Ghedia was fired from Bank of America on 3rd June. He was arrested two months later, in August 2020, and went on to pull off another scam - this time against his insurer, for £1.2 million. He spent 2021 in and out of police stations.

While Covid-19 delayed Ghedia's day in court, he was eventually sentenced to nearly seven years in jail in June 2022 - by which time he had already been behind bars for six months, for breaching bail.

"I went to the sentencing day in court. First time I've ever been in a court. I wanted to see him, to make sure that he knew what I'd done [to put him there]."

Still, it was weak salve for a wound that had cost Wayne and Nick £400,000. As well as the £180,000 they deposited - £150,000 of which they have got back - they also took money from their own savings and used government Bounce Back Loans to keep paying staff when the investment failed to pay out.

Looking back, Wayne is still sure he did almost everything right - but it's the "almost" that cost him.

Speaking now from a position of regretful experience, he says anyone who thinks they might be in a similar situation should always speak directly to senior people in the organisation they're dealing with. He missed out on that because Ghedia was so careful to ensure he had his victims' trust.

Not trusting anyone at face value is, understandably, his second maxim.

"Do a bit more work just to be 101% sure. I might have been 99% sure, but the good criminals know how to get around things."

And finally, verify everything. If someone is urging you to transfer money, even - especially - if they're in a position of trust, check them out; from their digital footprint to their work history.

"When I look back on it, every step, I now say, ‘Why did I not pick it up?' But then talking to other people who've been done over, they say, ‘Look, it can happen to anyone.'

"Maybe it can, but these criminals are becoming more astute. They're using technology to their advantage, and they're able somehow to bypass controls and governance.

"And I don't know how he - or maybe they - did it."

Even the most experienced IT leader can fall victim to the right scam, and as Wayne can attest, being a victim is horrific - the journey before, during and after is a rocky road.

Thankfully, there are initiatives like the Security Awareness Special Interest Group, National Insider Threat Awareness Month (September) and Cybersecurity Month (October) that offer support and help.

Wayne is pushing for his story to drive more accountability on financial institutions, tighten regulations on cyber fraud, and act as a wake up call for regulators like the ICO and FCA that these crimes are real and have a huge personal impact on victims.

Computing is following the data protection side of the case up with the ICO now. To date, the regulator has insisted it won't deal with criminal cases. At the same time, the police insist anything involving data should go via the ICO.

It appears that cases like Wayne's have fallen down the cracks.

If you or someone you know has suffered a similar incident, and had trouble dealing with the ICO and law enforcement, please get in touch.

You may also like
AT&T data breach exposes call records of 'nearly all' wireless customers


Stolen data isn't publicly available yet, the company claims

clock 14 July 2024 • 3 min read
Google strengthens Advanced Protection Program with passkey integration

Security Technology

To enroll in APP with a passkey, users need a compatible device and browser

clock 12 July 2024 • 3 min read
'Gay furry hackers' breach conservative US think tank behind Project 2025


Heritage Foundation calls group "degenerate perverts"

clock 11 July 2024 • 2 min read

More on Security

'Gay furry hackers' breach conservative US think tank behind Project 2025

'Gay furry hackers' breach conservative US think tank behind Project 2025

Heritage Foundation calls group "degenerate perverts"

Tom Allen
clock 11 July 2024 • 2 min read
Why 'change' for the UK must include cybersecurity

Why 'change' for the UK must include cybersecurity

Labour needs to to get ahead and demonstrate a commitment to security from the outset

Rick Jones
clock 11 July 2024 • 4 min read
Mammoth Microsoft Patch Tuesday fixes four zero-days, five critical bugs

Mammoth Microsoft Patch Tuesday fixes four zero-days, five critical bugs

142 holes plugged this month

John Leonard
clock 10 July 2024 • 3 min read