Wednesday, September 08, 2010


I read an interesting article in the EAStandard of September 8, 2010. It's about an interesting fraud where money was transferred from several banks in thousands of shillings only to be received by another bank in millions.

An example was KShs 388,400 which was transferred from an account at the Co-op Bank, Kimathi Street destined for KCB, Moi Avenue. The destination account in KCB was credited with USD 388,400 (KShs 30,295,200).

Another transaction involving USD 96,800 had been transferred from another bank in KShs but credited into a KCB account at UN Gigiri branch in dollars and withdrawn immediately.

An interesting question immediately popped up in my mind – How did they do it?

We can of course glean that this is a simple, yet brilliant, play on the currency field. There is definitely a system breach involved here. What I don’t know is whether the inter-bank Electronic Funds Transfer system could have been breached (insider attack) or whether a man in the middle attack occurred.

Help me fill in the blanks. Is there any IT or banker guy out there who can outline a likely scenario on how such a fraud can take place?

No comments: