One London hedge fund got a harsh reminder about giving its bank information to strangers.
Fortelus Capital Management was conned out of $1.2 million on a Friday evening in 2013 by a mysterious caller, reports Bloomberg. A bit smarter than a Nigerian prince, this caller said he was from Coutts, Fortelus’ bank, and warned that it looked like there was fraudulent activity on the hedge fund’s account. The fund’s finance chief Thomas Meston reluctantly agreed to use the bank’s smart card security system to get codes for the caller to void the 15 transactions.
Meston checked the hedge fund’s accounts the following Monday and found the $1.2 million missing. Coutts, part of the Royal Bank of Scotland, says they didn’t call Fortelus. Fortelus fired Meston, and is now suing him, saying he failed to protect the fund’s assets. Meston says it wasn’t his fault, and he acted honestly and in good faith.
The Fortelus incident is a good example for hedge funds that worry too much about cyber security, and not enough about human error. Other firms have been targeted with Friday evening calls as staff is exiting the office for the weekend. Zurich Insurance says that such frauds cost firms about 5 million pounds in just three months this year. Writes Bloomberg:
“People are always the weakest link,” said Jason Ferdinand, a director at Coventry University who runs the U.K.’s first cyber security MBA course. Employees “often assume that they do not have to think about security because a machine or software is doing it for them.”
Photo: iStockPhoto.com.