back to article IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

A now-former senior IT exec has admitted conning his employer out of $6m – by setting up a fake tech services biz that billed his bosses for bogus services. US prosecutors announced on Friday that Hicham Kabbaj, 48, of Floral Park, Long Island, New York, pleaded guilty to one count of wire fraud. He faces up to 20 years in the …

  1. James O'Shea

    idiot

    MS Office has tools specifically designed to delete metadata. http://washburnlaw.edu/library/technology/tutorials/metadata-win.html is but one of many places, including official MS sites, which shows the procedure. It's been around in one form or another since at least Office 2003.

    Using LibreOffice or similar would also clense the metadata. Hell, WordPad might do the trick, I've never tried it but it should clean the Word metadata.

    And there's always the good old use a different computer.

    If _I_ were running this scheme, I'd write the invoices up using LibreOffice in a encrypted VM. Do the work in ODT format, export to DOCX, or, better, to PDF. Store the VM's VHD on a external drive. Run the VM only on someone else's machine.

    Not stealing $6 million would also work, but obviously wasn't an option.

    1. steviebuk Silver badge

      Re: idiot

      You need a criminal mind to help protect yourself. I always say this when I have thoughts like you on "How I would of done it" people mistake it as the thought you'd actually do it. But planning ways to do it, but not actually do it, is always interesting.

      1. John Brown (no body) Silver badge

        Re: idiot

        "But planning ways to do it, but not actually do it, is always interesting."

        So long as you do it on your own. Do it with someone else and it's conspiracy (IANAL, obviously :-))

        1. robidy Bronze badge

          Re: idiot

          You have to think like a criminal to catch a criminal :)

        2. Lotaresco

          Re: idiot

          "But planning ways to do it, but not actually do it, is always interesting."

          "So long as you do it on your own. Do it with someone else and it's conspiracy (IANAL, obviously :-))"

          Where I work it would be a frequently repeated team exercise. If we don't try to think like criminals how can we protect our assets?

      2. Oh Homer
        Holmes

        Re: planning ways to do it

        Planning crimes is not only interesting, it's also a legitimate necessity ... for criminal investigators.

        It takes one to catch one is not just an aphorism.

        1. W.S.Gosset Silver badge

          Re: planning ways to do it

          Yeah, suggest you go along to a CTF session at a meetup.com's Security/Pentest/etc club, eg BNE0x2F. It will truly curl your hair. And truly motivate anyone to be anal about security/updates/etc.

          1. defiler Silver badge

            Re: planning ways to do it

            Capture The Flag? Cool!

      3. TheSkunkyMonk

        Re: idiot

        IT might be interesting but it normally leads to more temptation, then action, I ruined my career a decade or so ago with what started as a simple curiosity and yes it turns out the cable company do send the exact same tv signal to every ones house regardless how much you pay them, so easy to make your cable modem go faster as well, or it was back then anyway! I also discovered Mr Branson will hire ex MI5 and SAS agents to hunt you down.

    2. Snake Silver badge

      Re: idiot

      You wouldn't *need* to scrub the user metadata... if people actually took privacy seriously and, therefore, never registered the software using their personal name in the first place.

      All my systems, and software, are registered to "User". End of story, unless someone can get a hold of serial number metadata plus, somehow, a record of where that unique copy went to (download to IP to user? Nah)

      1. Dave 15 Silver badge

        Re: idiot

        You SHouldnt need to scrub the data... its not relevant to anyone and shouldnt be there. I object to this sort of behaviour and MS are the worst for it. No wonder their products are getting ever less popular. After windows 10 I can 100% guarantee I am NOT buying another windows based PC and no MS office or similar products.

        1. TeeCee Gold badge
          Facepalm

          Re: idiot

          It definitely should be there for the majority of use cases.

          You try finding that document written by Fred Blogs about fish sometime last year without it, when your users just dump everything in the same shared store and ignore the naming conventions.

          I know that the internet is populated by raving paranoids, but 99 times out of 100 there actually isn't an evil corporate plot as the reason for XYZ.

          1. Robert Helpmann?? Silver badge
            Childcatcher

            Re: idiot

            I know that the internet is populated by raving paranoids, but 99 times out of 100 there actually isn't an evil corporate plot as the reason for XYZ.

            Exactly. Never attribute to malice that which is adequately explained by stupidity.

            - Hanlon's razor

          2. Claptrap314 Silver badge

            Re: idiot

            Oh, you mean like scanning your documents for keywords to forward to advertisers?

            At this point in the cycle, ANY information on you is valuable to people who want to control you.

      2. baud Bronze badge

        Re: idiot

        In that case, it could have been done on his company-provided computer, where the software is automatically registered to the user of that computer. At least it's how I understood that story.

    3. Herby

      Re: idiot

      You are implying that criminals are "smart". My observations are to the contrary.

      I'm sure there are examples everywhere on the internet. Possibly this article is but one.

      1. Ryan 7

        Re: idiot

        There are smart criminals, but we generally don't use the word 'criminal' for them.

        Banker, Minister, President, etc tend to suffice.

        1. werdsmith Silver badge

          Re: idiot

          Not many smart politicians either

          1. Francis Boyle Silver badge

            Re: idiot

            That's what they want you to think. See a certain current British prime minister.

        2. ashdav

          Re: idiot

          The "smart" criminals have already done this.

          Hence you have never heard of them.

        3. Anonymous Coward
          Anonymous Coward

          Re: idiot

          There are smart criminals, but we generally don't use the word 'criminal' for them.

          Banker, Minister, President, etc tend to suffice.

          While I don't use the word criminal to describe the type of people you mention here, coincidentally the word that I do use also happens to begin with a 'c'

      2. katrinab Silver badge
        Boffin

        Re: idiot

        Your observations are probably only based on the ones that get caught.

        You could conclude that all criminals are dumb. Or you could conclude that you need to be really really dumb to get caught, and everyone else gets away with it.

        1. Tom 7 Silver badge

          Re: idiot

          I have noticed several times that things were missing from the ERP that you would expect to be there and yet even after mentioning the oversight that no-one ever did anything about it. I came to the conclusion this was for slush funds and chose not to investigate further in case I found out I'd been paid from it.

        2. holmegm Bronze badge

          Re: idiot

          You could, but that would mean a vast proportion of the population are criminals, and also there'd be a lot of missing money and stuff, etc.

          Can't prove or disprove a negative, but it's not like there is a lot of mysterious evidence pointing to these supposed comic book criminal geniuses. The simplest explanation is that most criminals are pretty dumb.

          1. whitepines Silver badge

            Re: idiot

            The simplest explanation is that most criminals are pretty dumb.

            Which actually makes sense, thinking about it. Genuinely smart people tend to both find satisfaction in the work they do and attract large salaries, rather than resorting to crass material accumulation and theft.

            And for people without much brains but an insatiable desire for power and material wealth, there's always politics as a legal way to that end...

        3. toejam

          Re: idiot

          A criminal must be right every time in order to avoid capture. A detective must be right only once to catch them. Smart people either go to extraordinary lengths to always be right or they understand the odds and just don't do the crime.

          1. jmch Silver badge

            Re: idiot

            "Smart people either go to extraordinary lengths to always be right or they understand the odds and just don't do the crime."

            Or get out while the going is good.

      3. swm Silver badge

        Re: idiot

        I cleared over a million dollars from my employer over the years but this was a legitimate salary. You can make more money by being legit than in engaging in shady practices. Also I don't have to worry about being "caught" as I did nothing wrong or even slightly shady.

      4. Doctor Syntax Silver badge

        Re: idiot

        The non-smart criminals you get to hear about are a self-selecting set.

    4. katrinab Silver badge
      Coat

      Re: idiot

      Much better surely to set up a virtual machine in your fake company's details, and just leave the metadata?

      1. small and stupid

        Re: idiot

        Exactly. Cheapskate fool.

    5. macjules Silver badge

      Re: idiot

      Kabbaj by name, cabbage by nature.

      1. Richocet Bronze badge

        Re: idiot

        I found his name so distracting it was hard to focus on the article.

    6. Persona Silver badge

      Re: idiot

      The metadata was unlikely to be what got him caught. More probably it was the fact that someone (probably a staff member) pointed out the firm had paid invoices for equipment that didn't exist. The file metadata just makes the task of assigning blame to the culprit a little easier.

      1. Anonymous Coward
        Anonymous Coward

        Re: idiot

        I agree - this is too basic a scam - what was needed is a tip off to scrunitise the transactions.

        The prosecution merely stated that the author metadata was a match as part of proceedings.

        This being the reason he was caught, as insinuated by the headline, appears to be a clickbait embellishment. There is no factual reference to the metadata being key to cracking the case from the investigators, this is the article author taking "creative" leeway.

        If you read the actual filing, you will see that 'Employee-1' and 'Employee-2' indicated things were amiss with vendor mismatches and no equipment to show.

        Perhaps even more damning, from the court records:

        * "The only signatory on the Interactive Systems account is HICHAM KABBAJ, the defendant." and

        * "the only withdrawals from the Interactive Systems account, other than maintenance fees, are transfers to two accounts at Bank-1 held in the name of KABBAJ ("Kabbaj Account-1" and "Kabbaj Account-2")"

        They also traced who read and opened the invoice emails at the defraded company and it was only Kabbaj. They really did not need the metadata for this case.

        So cheap clickbaiting I think to troll the microsoft haters.

        It has worked, looking at the comments about Microsoft. BTW It isn't who the software is registered to, it is the current user, and you can happily clear the metadata.

        It's like complaining that a file created in unix has the creators username and time attached - where is the privacy!! It even logs atime and mtime!!!

        Shame about journalistic standards.

        1. Mike Pellatt

          Re: idiot

          Agreed with you up to here:

          It's like complaining that a file created in unix has the creators username and time attached - where is the privacy!! It even logs atime and mtime!!!

          It's nothing like that. The metadata you describe is stored in the inode - the file's low-level directory entry on the filesystem. It's not stored as part of the file, so if it is copied to another system - by email, f'rinstance - that metadata is lost. Well, at least that's true for classic Unix and ext[234].

          That is a world away from metadata embedded in the file, in terms of privacy. And auditability.

        2. Nick Ryan Silver badge

          Re: idiot

          I get your point but it's not necessarily true that the metadata didn't give rise to suspicion.

          Usually the orignal digital copy of invoices are saved into a suitable repository in an accounting system. If payments were made without such invoices existing then he would have been caught very quickly. It would only take a user to chance upon the invoice and be presented with "document created by HICHAM KABBAJ" and for this to raise suspicion about something being up. Metadata being metadata and entirely editable it is unlikely to be legally significant but it would be a component of the process and could easily initiate investigations.

      2. Doctor Syntax Silver badge

        Re: idiot

        "invoices for equipment that didn't exist"

        Consumables would have been better or something even less tangible such as services.

        1. rmason

          Re: idiot

          He'd still be doing it now if he's simply used his company to sell cheap *actual* products at a huge markup.

          He wanted 100% of the money. If he'd have been happy marking tat up 100% , chances are he'd still be happily selling them $300 laptops for $1500 etc , it would just have taken longer.

      3. jmch Silver badge

        Re: idiot

        "More probably it was the fact that someone (probably a staff member) pointed out the firm had paid invoices for equipment that didn't exist."

        He should have just billed for 'services' rather than physical equipment.

    7. Anonymous Coward
      Anonymous Coward

      Re: idiot

      You shouldn't keep the vm, even if encrypted. Delete it after use and overwrite the free space, to be sure. If you need to use it multiple times, script the install.

      Also have on the same vm, tor, for sending any data. Register every account in the vm via tor. Get a Gmail /gdrive / one drive free account. Store your password in keepass and use rclone with encryption. Use a passphrase to encrypt.

      Only access via tor again.

      Dispose of the vms after every use. You want no evidence at all on your computers.

      But the one big bit of evidence that can't easily get around with this is the business he set up and transferred money from. Would need to off shore it, in a country that doesn't check details, transfer the money to crypto (montero or something, not bitcoin first). Then only transfer bits at a time when you need money, don't go spending way beyond what you should be able to.

      1. Anonymous Coward
        Anonymous Coward

        Re: idiot

        Thinking how it could have been done, the first transfer out of the company has to be uninteresting.

        If it was offshore or crypto or gift cards or suitcases of cash, these would all point a flashing arrow right away.

        At least by using a normal bank transfer, he had bought some time and could have run away to some other country without extradition treaties, after a few transfers, before getting caught.

        That gets thwarted by greed, which is what makes these types do this in the first place. He bought homes instead. So it is unlikely someone who steals out of greed can stop. Isn't it the beast that is never sated?

        The ego takes over and they believe they cannot be caught.

    8. Prst. V.Jeltz Silver badge

      Re: idiot , with 2020 hindsight

      If _I_ were running this scheme, I'd write the invoices up using LibreOffice in a encrypted VM.

      Yeah well , thats with the hindsight of knowing that vulnerability in the scheme, theres probably hundreds of other bases to cover , which may or may not have come to light had this metadata not rumbled him first.

      Who registered the other business? who paid for the domain name? etc etc ad infinitum.

      This type of scam dosent allow for a lot of beta testing is what im getting at.

      You have to get it right first time , quit while you're ahead, and even then dont assume you're free n clear. Probly best to have a couple years sabatical in south America somewhere once youve bagged a couple of million.

    9. veti Silver badge

      Re: idiot

      Thou shalt not share documents in Microsoft Office formats. Surely everyone who works in IT knows that?

      Mostly, I think it's another example of one of the cardinal rules of crime: it's really, really hard to think of everything.

    10. phuzz Silver badge

      Re: idiot

      "If _I_ were running this scheme, I'd write the invoices up using LibreOffice in a encrypted VM."

      The VM could use Office, but it should be a copy bought by your shell company, and registered to the name of someone who "works" there.

      Basically he should have made his alibi more in depth. Invent a persona for the 'person' that will be sending out the fake invoices, make sure it's nothing like yours, bonus points for using software that everyone "knows" you hate (ie if you're a linux person, use Windows) etc.

    11. Tom 35 Silver badge

      Re: idiot

      Could have gone to best buy a bought a laptop and wiped it after each invoice.

  2. Kanhef
    Devil

    Doing it wrong

    The fake invoices tend to get noticed sooner or later. Instead, direct real purchasing and contracts to a company you control, which resells products and subcontracts the work. All at a healthy markup for profit, of course. Sure, the company could have spent less elsewhere, but it's hard to make that into a case for fraud.

    1. Flocke Kroes Silver badge

      Re: Doing it wrong

      Also do not pay yourself directly. Have you IT company invest in your property company that buys and rents out your luxury homes. Rent them with fake names for the dates you will be there then cancel at the last minute.

      To move move cash to your own account, buy shares with your own money, buy more with unlaundered money to drive the price up more then sell your own shares.

    2. Anonymous Coward
      Anonymous Coward

      Re: Doing it wrong

      Yeah a very amateur defrauder, I'm surprised he is in charge of procurement at the company.

  3. Anonymous Coward
    Anonymous Coward

    "Which makes you wonder how many others might be out there (our tip line is always open.)"

    There is that guy named Simon, and his co-conspirator Stephen, who were careless enough a couple of times to brag of their exploits of a similar nature on El Reg. How's that for a tip? You should publish all of their nefarious dealings in gory detail.

    Anon in fear of a quadcopter-launched plutonium-laced missile guided by freaking lazers...

    1. Anonymus Coward
      Black Helicopters

      Re: "Which makes you wonder how many others might be out there (our tip line is always open.)"

      "Anon in fear" .......

      .... but probably not anonymous to the people you need to fear.

    2. Anonymous Coward Silver badge
      WTF?

      Re: "Which makes you wonder how many others might be out there (our tip line is always open.)"

      WTF are lazers?

      If you meant lasers, the s stands for stimulated. Light Amplification by the Ztimulated Emission of Radiation doesn't quite work.

      /soap box

  4. Anonymous Coward
    Anonymous Coward

    Thanks for the tips.

    1. Psmo Bronze badge

      More of a how-not-to, really.

    2. elDog

      Good to stay "anonymous"

      The tips are good - mainly how NOT to do this stuff.

      Anyone know of a good book (whoops, online resource) that give me furthur tips?

      1. Adrian Harvey

        Re: Good to stay "anonymous"

        Frank Abagnale (he of "Catch Me If You Can") wrote "The Art of the Steal" which is a good easy read on fraud techniques and how to prevent them. A little more focus on cheque fraud than necessary in these days of declining cheque use, but still an entertaining read!

  5. Andy Non Silver badge
    Angel

    Too greedy also

    If he'd settled for much less than $6 million he might have got away with it. Pushing his luck inevitably led to the scrutiny and his downfall.

    Me, I felt guilty just nicking a company pen!

    1. LDS Silver badge

      Re: Too greedy also

      IRS was involved, probably his fake company didn't pay taxes on the stolen money too... maybe if he did it would have looked more legitimate, and attracted less suspicions...

      1. Ken Moorhouse Silver badge

        Re: IRS was involved

        I thought that was strange, but your (LDS) explanation sounds good.

      2. Anonymous Coward
        Anonymous Coward

        Avoiding taxes would be easy

        You set up a second company in a tax haven and have your Manhattan company pay it most of the revenue, keeping say 10 or 15 percent as "profit" that you pay federal/state taxes on. Then you have accomplished not only avoiding taxes on most of it, but successfully moved it offshore.

        To make it look legit it should also have at least two employees, so you'd need to pay them (not yourself) and do all the correct filings. Otherwise it would attract IRS attention from the owner not paying himself a salary commensurate with his position/duties and taking all the profit as a distribution to avoid taxes on wages. Finding a couple people willing to take money for doing nothing as part of your scam shouldn't be a problem.

        When even companies like Accenture pass a fair amount of stuff through Bermuda this sort of thing isn't going to raise any eyebrows.

    2. LeahroyNake Silver badge

      Re: Too greedy also

      All my pens are provided by other companies with their branding on them free of charge. Most are a bit poo but the few I have from KIP are outstanding, just like their products.

      You can tell a lot by the standard of the free crap that they give away eg the shitty branded 2GB USB sticks that some places hand out.

  6. Steve Graham

    Green

    I'm hoping very much that the "j" at the end of his name is pronounced like the "j" in "justice" and not like "i".

  7. chivo243 Silver badge
    Windows

    Word?!

    He sent the invoices in Word?!! The judge should tack on extra time for that... and even more time for using his own install of it to generate the invoices. I could point out many other ways he should have covered his tracks, but I won't...

  8. Terry 6 Silver badge

    IT Exec

    Fundamentally failing to understand the technology that he's using to perpetrate his fraud.

    They should sue him for his salary too, or else add another fraud to his charge sheet.

    1. chivo243 Silver badge
      Pint

      Re: IT Exec

      +1 - add another fraud to his charge sheet.

      Love it! It's the holiday season, why not give him both!

  9. Tom 7 Silver badge

    Old as the hills

    A boss of mine did that but only got away with £300k or so. I think he got caught because he wanted someone to stop him as he kept mentioning the shell company over drinks in ways that never seemed to make any sense. Well enough less sense than could be expected of a Friday afternoon to make a few of us go ''WTF' in our heads so when we heard about said company after he was busted to mention it to each other. Never did find out how he got busted though. Would love to know.

    1. Anonymous Coward
      Anonymous Coward

      Re: Old as the hills

      You're too nice to think he wanted someone to stop him..

      He very likely was stroking his ego - the idea that he can still get away with it even if he spells the name out in open - he's "that smart".

      All those netflix criminal docu dramas show this behaviour - going to the crime scene, helping with the investigation, calling the tip line.

    2. Ken Moorhouse Silver badge

      Re: as he kept mentioning the shell company over drinks in ways that never seemed to make any sense

      If they were invoicing for petrol then it would make sense.

    3. Anonymous Coward
      Anonymous Coward

      Re: Old as the hills

      Many years ago the service company I worked for scored a major contract with a quango. Part of project involved a lot of data entry. So the project manager for my company and his counterpart at the quango hatched a cunning plan to enrich themselves: set up a data entry company, the spouse of one of the two being the CEO, and award a no-bid contract to the new company. Unfortunately for them the quango was a 'sensitive' one and TPTB that ran it asked the local equivalent of MI5/SB/FBI to run a background check on said data entry company. After the investigation completed the two project managers were 'asked' to quietly resign which they did and nothing more was said or done.

      What pissed me off at the time was the fact that a lowly computer operator who had been caught stealing a boot/trunk load of bricks from some construction work at the data centre was sent to jail for theft. Different ranks, different spanks.

  10. Erik4872

    Greedy and careless

    As others have pointed out, there are many ways to sanitize documents' metadata. I imagine someone was wise to this a while before he was caught and needed to set up a trap to get evidence that it really was him.

    If he hadn't continued, and received much less than $6M, he would have likely gotten away with it. Big-company accounting rounds on 5-digit numbers for the most part. It takes a big purchase or something way out of line to even trigger someone batting an eyelash. The medium-ish company I work for routinely writes multi-million dollar checks to vendors and service providers, and small invoices could be slipped in between these without anyone saying anything.

    The other very important thing to remember is this...forensic accountants live for this stuff. Once they get wind of something worth investigating, they will not let it go until they find the root cause. So, it would be possible for someone to get away with a scam like this for years, especially if he just set himself up as a reseller and skimmed profits off the real equipment being delivered. It's just not possible forever. It's more possible if you have someone on the inside in purchasing helping you (or in this case, if you get to approve invoice payments yourself.)

    1. whitepines Silver badge

      Re: Greedy and careless

      Interesting question, though -- wouldn't setting ones self up as a reseller be mostly legal? As in, it'd be the company's responsibility to figure out that they can get the same gear elsewhere for cheaper and switch? I've seen large corporations routinely overpay for gear just because they have one or two preferred resellers and it's a right pain to switch to another / add another vendor to the system. Much of that being paperwork as I understand it (taxation, etc.).

      Of course if this guy was the one making the vendor decisions, and didn't somehow magically hold patents or something else that would make his company the only place to get the stuff, then yes, I could see some fraud charges sticking anyway.

      1. Anonymous Coward
        Anonymous Coward

        Re: Greedy and careless

        I think you have to commit capital and volumes to be a reseller, especially of an established product/brand, more so with another existing reseller in the market.

        His compny's budget might not have been enough to secure reseller status and margin, even if he diverted all purchases of the company via his reseller.

        1. irrelevant

          Re: Greedy and careless

          Surely true if you are intending to become an official reseller. But there's nothing to stop you buying the kit at retail price from existing channels and selling it on at a markup.

          1. doublelayer Silver badge

            Re: Greedy and careless

            I think that would still be a conflict of interest, forbidden in many contracts, and intentional misconduct. If you took efforts to hide this from the company, that would be fraud. Not being a lawyer, it's possible there'd be fraud even without trying to hide it from anyone, but even if not, you'd definitely be fired and have action taken to recover as much of your pay as possible under breech of contract. That said, it'd probably be easier to hide that fraud than the kind this guy attempted.

            1. whitepines Silver badge

              Re: Greedy and careless

              Yeah I figured as much, but it seems mostly to come under that conflict of interest heading vs. anything else, and gets murky when people move from one company to another, though AIUI US law takes a very black and white view of "the employee has one master". If you're salaried and not working in the sole interests of your employer, Bad Things will happen.

              Interestingly, my impression is there isn't nearly as much expectation of conflict of interest being a barrier to this kind of scheme the higher up one goes -- in fact, from what I can see the recent ICANN debacle is rank with it quite publicly, yet no one has even hinted a crime has taken place (therefore I suspect it's legal in that situation). Perhaps it's a perk reserved for board level and up "employees"?

              1. Justicesays

                Re: Greedy and careless

                One you get to a high enough position you can just get an ethics waiver and proceed to engage in conflict of interest behaviour no problem. Worked out well for Enron...

              2. gnasher729 Silver badge

                Re: Greedy and careless

                When you sign a deal with a supplier, you tell your company “this is the best contract I could get”. When you are obviously and blatantly lying about this, in order to profit, that’s fraud.

          2. Hans Neeson-Bumpsadese Silver badge

            Re: Greedy and careless

            But there's nothing to stop you buying the kit at retail price from existing channels and selling it on at a markup.

            On the face of it that sounds correct, but I suspect there would be some legal rope to hang you with relating to warranty - either you're supplying goods for which you can't offer manufacturer's warranty / the manufacturer not approving you passing the warranty on to the end user. IANAL but I have a feeling in my water that there's something relating to warranty provision that would prevent you from being able to pull a stunt like that.

    2. The Nazz Silver badge

      Re: Greedy and careless

      Blimey, is it really 17 years ago :

      https://www.theguardian.com/business/2002/apr/17/13

      Not quite out and out fraud but certainly corruption. Both of these being highly remunerated executives who simply got too greedy. But no, it didn't pay.

      Towards the end of the article it says, (unbelievably) that Chambers actually won £150,000 for unfair dismissal. The mind boggles. Though it does say that the Co-op were seeking to recover said monies.

  11. FlamingDeath

    Silly question, maybe

    But what the hell is an IT exec?

    Are they the people that tell people what to do but have no idea how to do it?

    Do we need them?

    1. TRT Silver badge

      Re: Silly question, maybe

      Short for "executables"?

    2. ds6

      Re: Silly question, maybe

      Probably close to CIO: the guy that signs all the checks, talks politics to the board, and knows little about what he's overseeing.

  12. Will Godfrey Silver badge
    Black Helicopters

    How to be a thief

    I can't remember where I read it now (sometime in the '60s), but it was a short story, supposedly written by a retired thief. The guy said that it was a full time job, and very hard work. However the key points were to never repeat the same act, and to keep it small, down to minor inconvenience level. Said thief was apparently now living comfortably but not outlandishly, and had never come to the attention of the law.

    1. TRT Silver badge

      Re: How to be a thief

      But not the tax office I bet.

    2. ds6

      Re: How to be a thief

      Easy to break the law, hard to not get caught.

      ~ Confucius Kabbaj

    3. 's water music Silver badge

      Re: How to be a thief

      a short story, supposedly written by a retired thief. The guy said that it was a full time job, and very hard work. However the key points were to never repeat the same act, and to keep it small, down to minor inconvenience level. Said thief was apparently now living comfortably but not outlandishly, and had never come to the attention of the law.

      I have a similar scam going. I have set myself up as an 'employee' and I supply 'labour' to my 'employer'. I even do some work for them during the day to keep it convincing. Most of my work causes only minor inconvenience so it sounds like I am on the right track. In another 15 or 20 years I expect to fulfil my dream to live comfortably (though not outlandishly) but if the filth ever do get wind of it I swear they are never going to take me alive.

      my plan B ----->

      1. A K Stiles Silver badge
        Coat

        Re: How to be a thief

        Either something went wrong in selecting or rendering your icon, or you have no plan B ?

        I had a difficult time choosing between rifling through someone's pockets, the piracy icon or the gimp one.

    4. Christopher Michaelis

      Re: How to be a thief

      Reminds me of the "Stainless Steel Rat" stories. Would be about that time period IIRC.

      1. Will Godfrey Silver badge
        Thumb Up

        Re: How to be a thief

        I don't think it was a Harry Harrison story, but I read most of them around that time and it certainly fits the style.

  13. Anonymous Coward
    Anonymous Coward

    Kabbaj means constipation in Punjabi. I'll get my coat.

    1. TRT Silver badge

      Well... seized really. Grasped, clenched, taken, held, possessed. From the root kabj.

      1. SuperGeek

        Clenched?

        A bit like his arse cheeks when he got cornered then, eh :)

  14. Rolf Howarth

    PDF

    Anyone who submits an invoice as a DOC rather than PDF deserves all they get! Especially if the invoice date is a macro that expands to today's date.

  15. Charles Smith

    Daft Company

    Ho hum, a company defrauded because it didn't operate basic accounting controls. The person approving payment of invoices should be separated from the person who originally approves the purchase. The old Two-plus heads concept.

  16. Anonymous Coward
    Anonymous Coward

    This is How a Lot of Federal Grant Money is Grafted

    After working for years in several city governments, I have see that this is basically how the recipients of Federal grant money contracted out by cities siphon off most of the money.

    Most cites don't bother to scrutinize the grant contractors books, as long as the contractor can provide an invoice, it is legit as far as the city is concerned.

  17. Anonymous Coward
    Anonymous Coward

    Greed

    It's usually greed that gets successful criminals. If he'd taken $5m and bailed somewhere nice and extradition free, he'd have got away with it. Possibly.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020