Bank employee gets five years in jail for fraud and cybercrime

A 35-year-old woman has been sentenced to five years in jail for her role in a meticulously orchestrated fraud scheme involving the unlawful access and manipulation of an elderly customer’s banking profile and stealing more than R200 000.

Lusanda Gloria Qose appeared in the Gqeberha Regional Court on Monday where the sentence was handed down.

Abusing access credentials

As a former sales and service consultant at First National Bank (FNB), Pier 14 branch in Gqeberha, Qose was convicted of fraud, cyber fraud, and the unlawful use of access credentials following her abuse of internal banking systems between 22 January and 24 April 2024.

Her victim was 68-year-old Mlungwana Maranti, who held an Encore account linked to a Money Maximiser account and a registered cellphone number used for authorising transactions via FNB’s InContact system.

Fraud

National Prosecuting Authority (NPA) spokesperson Luxolo Tyali said Qose unlawfully changed Maranti’s cellphone number on the bank’s system using her employee credentials, diverting all One-Time-Pin (OTP) authorisations to herself without his knowledge or consent.

“She further created a second bank card linked to the complainant’s accounts, which she used to transfer funds from the Money Maximiser account to the Encore account and conduct multiple ATM withdrawals over three months.

“These fraudulent transactions resulted in a total loss of R245 000. The bank ultimately refunded the complainant and absorbed the financial loss,” Tiyali said.

ALSO READ: Man sentenced to eight years in jail for cybercrime

Security protocols

Tiyali said Qose used her employee number to access FNB’s core operating system, which contains confidential customer and transactional information.

He said she bypassed internal security protocols such as two-factor authentication (2FA) and online fingerprint verification (OFV) and manipulated digital records to create the false impression that Maranti had authorised the transactions.

“The court found that Qose’s actions were premeditated and sophisticated, involving multiple system breaches over an extended period. She pleaded guilty to all charges, citing financial distress as her motive.

“During sentencing proceedings, she and her aunt testified in mitigation, stating that she is a single mother of two minor children, aged 13 and 17. She has since repaid R87 000 through a deduction from her pension fund and expressed remorse for her actions,” Tiyali said.

ALSO READ: Cybercrime: A global risk surpassing load shedding in potential impact

Victim’s emotional toll

In a victim impact statement, Maranti detailed the emotional toll the crime took on him, detailing the trauma of watching his retirement savings vanish and revealing that he had contemplated suicide.

The court heard that Qose was fully aware that the funds she stole were earmarked to grow the complainant’s retirement nest egg.

Tiyali said Specialised Commercial Crimes Unit (SCCU) prosecutor Edmyrach Matabata argued that, despite Qose being a first-time offender, her gross abuse of trust and exploitation of a vulnerable senior citizen warranted a custodial sentence.

“The court concurred, emphasising that although the accused demonstrated remorse and potential for rehabilitation, the offence not only harmed the victim but also eroded public trust in the financial system.”

NOW READ: South Africa remains a global hotspot for data breaches