20 July 2009

Christopher Khosa had it all - a loving wife, two children and a third one on the way, a good job at one of SA's biggest companies and a R26,000 monthly salary.

Then he threw it all away.

On Monday, the 39-year-old Vodacom employee from Olifantsfontein, north of Johannesburg, and an acquaintance known only as "Martin" appeared in the Johannesburg Commercial Crimes Court in connection with an Internet banking scam involving diverted SMSes, believed to be the first of its kind in the country.

Now Khosa and Martin face at least 15 years in jail if convicted of fraud. Khosa is alleged to have intercepted and diverted one-time passwords sent to Vodacom customers from the bank. He allegedly diverted the SMSes to a syndicate that had managed to get the clients' login details through a process called phishing. Using the one-time passwords, the syndicate would transfer funds from the client's account. Khosa is alleged to have been involved with the syndicate for just a month.

On Friday, Khosa's shocked pregnant wife, Joyce, told the Sunday Times she had noticed a change in her husband's demeanour at the beginning of this month.

"Every time I came from work in the morning, I'd find him not sleeping, and he was stressed. He was depressed," she said.

Joyce said she had seen her husband at his brief appearance in court on Monday, the first time since his arrest last Friday. He will appear in court again on Wednesday for a bail application, which Advocate Richard Chabalala said he would oppose.

Joyce said they met in 1992 when they were students, and married in 1997. They have an 11-year-old daughter and a seven-year-old son. She is expecting their third child in December.

Khosa, who has a bachelor of business science degree in computer science from the University of the North, joined Vodacom in January 2007 and worked as an engineer. Soon after, he allegedly met his co-accused, who broached the idea of him diverting SMSes.

Khosa refused, but allegedly capitulated last month after several more entreaties from Martin. Khosa told police the gang had threatened to kill him if he refused to help them.

He allegedly admitted to police that he and Martin had twice met with several other men. During these meetings, he allegedly diverted SMSes containing one-time passwords. In the process, R7.7-million was allegedly stolen from Internet banking clients.
On the first occasion, Khosa is believed to have received R2000 for his efforts. But after the second meeting , Khosa told police he had refused to meet Martin again and ignored his calls and SMSes, but the damage had already been done, and Khosa was nabbed soon after.

On Friday, his wife - a police officer - said she did not know what was behind his recent actions. "I don't know what pushed him (to do this)," she said.

She said she dreaded telling her children abut their father's arrest.

"The children are not here, they are away. When they come back, I'll tell the 11-year-old the truth," she said.

In reply to questions, Vodacom spokesman Dot Field said in a statement it was "unfortunate that a Vodacom staff member was able to commit fraud working with external gangsters."

"Vodacom has implemented additional security measures to ensure that this type of fraud does not happen again," she said. "Vodacom has also laid criminal charges against him."

The Ombudsman for Banking Services, Clive Pillay, said there had been about 20 cases of Internet banking fraud reported to his office over the last three months.

Gerda Ferreira, head of group forensic services at Nedbank, said a thorough internal investigation concluded that the method allegedly used by Khosa's gang was a new phenomenon, which occurred towards the end of June and early July.