Complex investigation leads to jail term

A former rail ticket office clerk has been convicted of fraud by abuse of power and sentenced to three years in prison after a ‘complex investigation’ that involved scrutiny of CCTV and the ticketing system.

Despite refusing to speak other than ‘no comment’ following his arrest, Mohammed Rahman pleaded guilty at his first appearance at Inner London Crown Court in August and was finally sentenced in November.

The Court heard that Rahman had hacked the rail company’s computer system for personal financial gain while working for Govia Thameslink Railway as a ticket office clerk in a London station.

He conducted sophisticated manual overrides to get around the ticket machine’s safeguarding measures, taking advantage of his specialist training.

This confused the system to produce replacement tickets, even though there was no original ticket or passenger that required a replacement. The resultant financial loss to his employers was £277,000.

It is unlikely that the fraudster would have been apprehended had he not been caught on CCTV operating the cash register with no customers present at the service window.

This happened five times on one day in August 2018. The time of his activity corresponded to a list of fraudulent transactions. Further investigation found that his criminal activities had spanned more than a year.

As a spokesman for the British Transport Police (BTP) said after the sentencing, it was a “complex investigation that pulled on a number of specialist departments, namely the financial investigation unit.”

Roger Isaacs, Forensic Partner at Milsted Langdon, said: “This case not only required a detailed financial investigation but also relied on exhaustive analysis of CCTV evidence. This would have been in conjunction with the usual scrutiny of the accused’s bank statements, correspondence and other documentation.

“Unlike many crimes that involve the hacking of computer system’s Mr Rahman’s modus operandi apparently required him to be present in person to perpetrate the theft.  It was this that led to his downfall.

By contrast, many hackers use online money transfers and cryptocurrencies to perpetrate frauds that allow them to remain geographically far removed from their victims.  This means that they often avoid prosecution, especially if they operate from jurisdictions which do not have the relevant extradition treaties with the countries in which their victims reside.”

Posted in The Forensic Blog.