Inside man in failed £72m electronic heist jailed
A former HSBC worker who tried to steal £72m ($141m) from the bank through an audacious electronic heist has been jailed for nine years. Jagmeet Channa, of Church Road, Ilford, was sentenced to 90 months for conspiracy to defraud and nine years for money laundering at a sentencing at Southwark Crown Court on Monday, after …
OK Channa is actually Chick Pea, but it's still a yummy Ligume.
His only mistake was not to wire the money to a swiss bank account and have someone immediately withdraw it as cash.
He could have got away with it if he'd put a little more though into it.
Move the money to a *swiss* bank account. Transfer funds from other accounts into the source account. Transfer money from other accounts into those. Meanwhile have someone withdraw the money as cash in switzerland, pop in the banks nearby and re-deposit random amounts into a dozen newly opened swiss bank accounts, then transfer the money from there to the cayman islands.
Eventually someone would work out what had happened, but by the time they did you'll be in the cayman islands earning 5% a year, and the cash withdrawl and random deposits will make tracking you down impossible.
As it is it was, it wasn't some "an audacious electronic heist" it was just some moron using stolen login IDs and password to transfer some money to his own account thinking no-one would notice. Muppet.
Yes Nathan, it's that easy to steal 72million pounds from a bank. They never notice. And they don't help each other look out for fraud on that scale. Clever you.
<pats Nathan on the head>
The 'security' of many (?most) banks' money transfer systems depends on no-one knowing two or three username/password combinations which are often: (a) insufficiently complex; (b) rarely changed; (c) regularly shared; or (d) all three. Can you say 'Société Générale'?
I'd bet that for every unsuccessful example of these 'heists' that's made public, there are numerous 'successes' that are quietly hushed up.
PS Channa was definitely 'Mr Bean' and not 'Freebie and the Bean'.
He got caught out so quickly because of the bleeding obvious... for god's sake man, even shoplifters know that you don't 'work' in front of CCTV cameras.. for 72m perhaps you could have at least tried to bloody plan it properly in the first place?
My thoughts float to Richard Pryor turning up to work in a lambo...
What a muppet. At least, the concept of Karma and the world balancing itself out is working well... through his own stupidity, said stupidity has been removed from useful society.
Do not pass go. Do not collect 72m. Now pick up that soap...
He looked like he withdrew money from ONE account. Silly banker--in for seven and a half years. (Yes, I counted.)
If I was in position, I'd do a driftnet scheme over savings accounts. Do the math, and you'll find that you'll get a less than a cent past the first .00$. Now multiply that extra fragmentary change by, let's say, 10,000 accounts. You'll get a value at hundreds, but done over a sucession of months... that also adds up.
The question remains is how to funnel that fragmentary change into someplace secure.
The fact that he got as far as he did shows it is possible.
He just did it badly.
It's hard to imagine someone making more mistakes.
Crap password security makes it completely feasible.
And that he left a huge negative balance on the account he transfered out of. Did he not think it would be noticed straight away by the bank, let alone the owner of the account? What a prat.
The group could have used it as gearing for spread betting, that way £72m becomes about £2 Billion, shorting some stocks for a 10% return over 24 hours.
That isn't the plan, just a sketch.
...I'm disappointed he didn't get away with it - they were robbing me for years.
AFAIK the IT procedures have been in place for years to detect any attempt at harvesting the leftovers part pennies. These are collected by the bankers themselves.
You're only supposed to blow the bloody doors off!
I am surprised he got as far as he did – there must be have been alarm bells ring like mad in some security office.
Two things surprise me more:
1 – If there were others involved, what were they doing to deserve a cut? And why didn’t he just do it solo?
2 – 9 Years? Bit harsh really when murderers and rapists get away with less.
Banks are pretty much fair game I say - nice to hear about someone trying to steal money from them for a change rather than the other way around.
> If I was in position, I'd do a driftnet scheme over savings accounts
Good luck then. That particular scheme is quite well covered by security, it's not as if it's hard to detect. We see you. Go right ahead buddy. >:->
Why not just say 7.5 years? 90 months, indeed...pfft.
Paris, 'cos she'd have thought you meant until the end of the universe.
All these silly ideas... The best way by far to steal money is to *be* a bank. You get to rinse all your customers for even smelling like they might go overdrawn, and quietly bung backhanders at those who kick up a fuss so it doesn't all end up pear shaped. If the house of cards does fall down around your ears, and you look like getting into financial trouble, along comes Gov.org to bail you out, all the senior employees go off to other cash-cows with big, fat Golden handshakes in their sky-rockets, and you and I are left holding the bill...
I mean come on guys, Stealing money from these archaic systems is stupendously easy when you have the access and knowhow (that chap recently who lost a stupendous amount of money and the bank threw him to the wolves, you don't think he didn't make both himself and most particularly the bank a SHITLOAD of money first, do you?), but vastly easier to do so legally and legitimately...
Dear Sir,
You may soon have read or seen on TV that £70m failed to be stealed from HSBC. They are informed wrong. £170m was stealed. £100m is in account here in Nigeria and we need help of honest man like you......
Yes, clearly the missing money would be noticed the following business day.
Of course, since switzerland is 1 hour ahead, a quick evening flight to Zurich gives you time for a good night sleep before you get up bright and breezy and withdraw the cash as the bank opens, a good hour before UK banks start trading.
By the time people come in the next day and actually realise what happened, you'de be long gone with the money. If you've transfered money round a few times to fill the gap where you originally took the money from, it will take a few hours to follow the money and work out that something has actually been stolen, rather than a mistake or legitimate transaction.
As for the sentence, we have sentencing laws in the UK, which quite amazingly, rather than rating the seriousness of the theft based on how you did it, base the sentence on how much you were trying to steal. So someone walking into a bank full of customer with a machine gun will get less time than someone who transfers £1m to his own account fraudulently.
To prove to auditors how cr@p the new IT systems was, I swiped $15million over night.
Auditors response - ah,well. You're an inside man. That wouldn't happen. And if it did, we check your own bank account for 'activities' and we'd get you that way.
Dumb f^cks - I'd put the money in a mates bank account he opened that morning and make sure he telexed it away the following day.
And for those wondering, I did it on a test system, not our live one.
But it's good to see people are still doing it :-0
Coat - yep, the one with tickets and suntan lotion in it....
Sign up, sign up for The Register's weekly IT security newsletter - click here
