BankInfoSecurity.com - Information Security News, Regulations, & Education

Just Released: Our Online Webinar Catalog

Bank Information Security Articles

Bank of New York Mellon Employee Charged with ID Theft

Credit
EligibleAs a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info

Computer Technician Alleged to Have Used ID's to Steal $1.1 Million

October 30, 2009 - Linda McGlasson, Managing Editor

Save

Digg

Delicious

Please login or register to save this article.

Comment on this article

A computer technician has been indicted in New York Supreme Court, charged with stealing the identities of more than 150 Bank of New York Mellon employees and using them to steal more than $1.1 million from charities, non-profit groups and other entities.

Adeniyi Adeyemi, a 27-year-old man from Brooklyn, was charged with grand larceny and identity theft in a 149-count indictment. Prosecutors say Adeyemi worked in the bank's Information Technology Department and committed the crimes between November 2001 and April 30, 2009. While employed at BONY, he stole the identities of dozens of employees and used them to open more than 30 bank and brokerage accounts with several financial institutions including E*Trade, Fidelity, Citi, Wachovia, and Washington Mutual. Prosecutors say Adeyemi used these accounts as dummy accounts for the purpose of receiving stolen funds.

The Manhattan District Attorney's office says Adeyemi then stole money from the bank accounts of charities and non-profit organizations and funneled it into those dummy accounts, later withdrawing the stolen funds or transferring them to a second layer of dummy accounts. The prosecutors say that charities are easy prey for identity thieves with computer expertise because they readily disseminate their banking details on the internet to facilitate donations. Adeyemi used this to his advantage, the prosecutors allege, using the internet for most of his crimes.

Click to Get Updates on the Latest Information Security News

Company*

Title*

Email*

Subscription Type:

Healthcare Enews

General Healthcare Enews
Blogs Enews
Careers Enews
Training Enews
Webinars Enews
Podcasts Enews
White Papers Enews

Government Enews

General Government Enews
Blogs Enews
Careers Enews
Training Enews
Webinars Enews
Podcasts Enews
White Papers Enews

Banking Enews

General Banking Enews
Blogs Enews
Careers Enews
Training Enews
Webinars Enews
Podcasts Enews
White Papers Enews

Credit Union Enews

General Credit Union Enews
Blogs Enews
Careers Enews
Training Enews
Webinars Enews
Podcasts Enews
White Papers Enews

Need Help?

The charities and organizations that Adeyemi allegedly stole money from include: Goodwill Industries of Greater New York and Northern New Jersey, Iris Ministries, the Kalgidhar Trust, the Sudanese American Community Development Organization, Ravi Zacharias International Ministries, AFK Foundation, the American Community School at Beirut, the Jacksonville Humane Society, American Friends of Birdlife International, the International Association of Women Judges, the Space Generation Advisory Council, and the American Association for Clinical Chemistry. Prosecutors allege Adeyemi also stole from Bank of New York employees.

To stay under anti money laundering monitoring thresholds set by banks, Adeyemi is alleged to have structured all wire transfers to be just under $10,000. This is the threshold where all banks must report transactions to the US Treasury. He then allegedly used the stolen monies to purchase more than $100,000 in USPS money orders, and used them to pay personal expenses including apartment rent and credit card bills. He also redeemed the money orders to ship "substantial" amounts of goods overseas, primarily to Nigeria, prosecutors allege.

Law enforcement began watching Adeyemi after suspicious Internet activity was traced back to wireless Internet connection's in Adeyemi's apartment building in Brooklyn.

The New York/New Jersey Electronic Crimes Task Force of the United States Secret Service investigated the connections and found during a search of the building Adeyemi's apartment turned up dozens of Bank of New York employees' credit reports on his computer, along with many other documents that had personal information of more than 150 BONY employees. Adeyemi was arrested during the search and has remained in jail since April 30.

Law enforcement also found in a rented storage locker notebooks containing hundreds of names, social security numbers, account numbers and other personal data, along with numerous credit cards in Bank of New York employees' names. They also recovered $30,000 in cash from his apartment.

If convicted of all the 149 counts in the indictment, Adeyemi could face more than 50 years in prison.

Next Related Article:

Bank of New York Mellon Investigated for Lost Data Tape

What will it take to get better at spotting insider crime earlier?

Here's your chance to be a part of the dialogue and engage with your peers! Just enter your comment to the right, click submit to send it to our Editor. All entries are posted anonymously.

Please login if you would like to post a comment on this question.

I look forward to answers from others.

As an auditor from the older days but still going in modern times, I do know it takes diligence and intelligence. For a bank, the diligence factor means taking the time for (1) sifting through the deposit accounts of employees and looking up what makes up their deposits, as well as paying attention to spending trends, and (2)sifting through the logs that show employee activity as they do their everyday jobs. Are they keeping up with accounts that are outside of their job description? Good old labor, like the cops who stake out someone in the middle of the night and may hit something juicy once a month.

Then there is keeping eyes and ears open. If I sit at op center, I get few phone calls when employees are thinking about something, but they don't outright expect that something is going on. Yet when I go to branch facilities every month or so, thoughts in the back of peoples' minds will surface upon seeing me, and we will discuss...but will they pick up the phone back at the time something hit them? Most don't; only a few will. Your best source of clues is relayed by co-workers.

Any behavioral changes? More reclusive than usual? More touchy or sensitive than usual? No longer loose and funloving, but getting a bit uptight? Used to take time off, but lately around all the time? Staying later at night? ...and what does the computer log say they are doing after hours or on weekends - what accounts or applications are they fooling with?

Then there are changing financial positions that people get into, where I look harder at them because they now have more of a motive. Examples: Costly divorce and child support. Spouse loses job, causing financial stress. Bills piling up, possibly leading to bankrupt filings.

Conversely, a sudden spending on a new car, boat or house can be a clue if doing such is unusual for the employee's usual lifestyle.

Another angle, I make sure that bank-use deposit accounts, and any bank has them, are handled properly by the 'main' employee in charge of posting and such. Then make sure that someone else reconciles - someone who knows what normal activity is! - and make sure other controls are there.

Another angle, run a computer scan and ferret out all accounts that are tied in some way to an employee's tax id, address, or whatever. Are they entitled to be in on this account?

Can your software do a 'matching address' report? Are accounts in different names landing at the same address? Labor: See if there is a reasonable explanation for each...maybe it's a relative's name at that address, or a partnership has members using same address. Then go after anything that can't be readily explained.

Another angle, know how inactive and dormant accounts are expected to be handled per your institution's rules, and see for yourself that all is well, or engage your in-house auditor. Don't just be happy that controls are there...instead, pull some longer-term dormants and review activity.

Blanketing all of these approaches: The smaller the shop, the more that there is in the hands of one person. Such are the news stories about the man or lady who was in charge of the books, or a certain handful of accounts for 30 years and nobody ever looked closely at what is going on. Their co-workers are always surprised that good old so-and-so was doing something.

That was just off the cuff. What is anyone else doing proactively...and what surprises after-the-fact have ever been discovered, and did it change what management monitored from then on?

Topics of Interest

HR

How to Raise Risk Awareness
Marketing Security as a Competitive Edge

Office of Thrift Supervision

Identity Theft Red Flags Rule Survey: Executive Summary
Regulatory Reform: Dodd's Bill Analyzed

Anti-Money Laundering

The State of Banking Information Security 2008 - Survey Executive Overview
Pinpointing and Preventing Internal Fraud Risk: It's an Inside Job

GRC

Compliance Multi-Tasking - Today
Implementing Detailed User-Level Auditing of UNIX and Linux Systems

Encryption

Protecting Enterprise Data with Proofpoint Encryption
Achieving Compliance with Massachusetts Data Protection Act

PCI DSS

Reducing the Cost of Achieving PCI Compliance
Automated, Continuous PCI Compliance

Latest Tweets & Mentions

Recent Content
Most Popular

1Heartland, Discover Settle at $5 Million
2How to Protect Consumers from ID Theft
3The Mobile Mandate
4Church Latest Victim of ACH Fraud
5Video: Why Cyber Challenge is Needed
6FDIC: 829 Troubled Banks
7ID Theft: Courts Cracking Down
810 Tips to Thwart Skimming
9Skimming: Old Crime, New Tools
10Key Elements of Risk Management

1Failed Banks and Credit Unions, 2010
22010 Data Breach Timeline
3Pay-At-The-Pump Skimming on the Rise
4Account Takeover: The New Wrinkle
5Tapping the Power of Social Media
6ATM Skimming: How Effective is Jitter?
741 Banking Breaches So far in 2010
8New Fraud Spree Investigated
9Social Media Policy - The 6 Essentials
10FDIC: Top 5 Fraud Threats

BankInfoSecurity.com Research

Podcast:Mortgage Fraud: Compliance to be a Challenge
Webinar:BSA Compliance: How to Conduct an Anti-Money Laundering Investigation
Handbook:2010 Webinar Catalog
White Paper:Understanding Man-in-the-Browser Attacks and Addressing the Problem
Regulation:FHFA: Issues Subpoenas for PLS Documents

Recent Blog Entries

Be Mindful of Insider Fraud Against Seniors

California's Financial Abuse Reporting Act, SB 1018, which r…

Read The Agency Insider by Linda McGlasson

Vendor Solutions

McAfee, Inc.

Solutions For:

Access Control, Application Security, Risk Management, Risk Analysis
Intrusion Inc.

Solutions For:

Database Security, Email Security, Identity Theft Prevention

Marketplace

Information Security Media Group - Family of Websites

Banking

BankInfoSecurity.com
Careers
Blogs

Credit Unions

CUInfoSecurity.com
Careers
Blogs

Government

GovInfoSecurity.com
Careers
Blogs

Healthcare

HealthcareInfoSecurity.com
Careers
Blogs

About Us
Contact Us
Site Map
Terms of Service
Advertise
RSS

BankInfoSecurity NewsGet the RSS Feed
Agency ReleasesGet the RSS Feed
Latest ArticlesGet the RSS Feed
WebinarsGet the RSS Feed
BankInfoSecurity.com BlogGet the RSS Feed

Home
Training
Resources
Content Library
- Agency Releases
- Articles
- Handbooks
- Podcasts
- Surveys
- Webinars | Calendar
- White Papers
Careers
Blog

Advanced Search

Browse Topics

Agencies

Federal Deposit Insurance Corp
Federal Reserve Board
Federal Trade Commission
FFIEC
FHFA
FinCEN
Government Accountability Office
National Credit Union Admin.
NIST
Office Comptroller of Currency
Office of Thrift Supervision

Anti-Money Laundering

Banking Today

Confidence In Banking

Business Continuity & Disaster Recovery

Pandemic Preparation

Compliance

Bank Secrecy Act
Basel II
CA Bill 1386
E-SIGN Act
FACTA
Gramm-Leach-Bliley Act
Guidance
Identity Theft Red Flags Rule
NCUA Part 748
Patriot Act
PCI DSS
Sarbanes-Oxley Act

Emerging Technology

Application Security
Authentication
Cloud Computing
Data Loss
Encryption
GRC
ID Access & Management
Messaging
Mobile Banking
Network/Perimeter
Remote Capture
SIM/SEM
Social Media
Storage
Web Security

Fraud

ACH
ATM
Check
Debit, Credit, Prepaid Cards
First Party
Insider
Mortgage
Payments
Wire

Governance & Standards

BITS
Cobit
COSO
FFIEC Handbook
ISO
ITGI
ITIL
PCAOB

Identity Theft

Pharming
Phishing
Skimming

Leadership & Management

Physical Security

Biometrics

Risk Management

HR
Incident Response
Information Security Compliance
Insider Threat
IT Audit
Privacy
Risk Assessment
Social Engineering
Vendor Management

Training & Education

FHFA: Issues Subpoenas for PLS Documents..Next Topic
The Electronic Funds Transfer (EFT) Act - Regulation E..Next Topic
The Electronic Funds Transfer (EFT) Act - Regulation E..Next Topic
DoJ: Report to Congress on Implementation of Section 1001 of the USA PATRIOT Act..Next Topic
FFIEC Issues 2009 Mortgage Fraud White Paper:The Detection and Deterrence of Mortgage..Next Topic
FDIC: Fraudulent Work-at-Home Funds Transfer Agent Schemes..Next Topic
Joint Statement by Education Secretary Duncan, Homeland Security Secretary Napolitano and..Next Topic
Obama's Cyberspace Policy Review: Assuring a Trusted and Resilient Information and..Next Topic
Obama's Cyberspace Policy Review: Assuring a Trusted and Resilient Information and..Next Topic
NIST: PIV Card Application and Middleware Interface Test Guidelines, SP800-85A-1..Next Topic

A-
A
A+