A U.S. company got a shock when it discovered its systems were being accessed by someone in China.
Bob was the man you wouldn't suspect of any wrongdoing; 40s, nebbish, good at his job - one of the best programmers in the office, in fact - never complained, and always got a good review from management, who he emailed every day to update on his progress. Trouble was, that email was his only significant work contribution. Everything else was being done by the Chinese programmer to whom Bob had outsourced his job, at a fraction of his six figure salary.
The U.S. critical infrastructure company lucky enough to have Bob on its payroll first found out about the scam when it conducted a routine log review, trying to make sure its telecommuting employees were on the job. When it noticed an anomalous log-in apparently originating in China and using Bob's identity, its first thought was espionage, perhaps involving some sophisticated malware; all the more so because its log-in system was supposed to be highly secure, with two-factor authentication, utilizing a fob that Bob was supposed to have on his person.
Then it dug deeper, and discovered Bob's daily work routine consisted of:
9:00 a.m. - Arrive and surf Reddit for a couple of hours. Watch cat videos
11:30 a.m. - Take lunch
1:00 p.m. - Ebay time.
2:00 - ish p.m Facebook updates - LinkedIn
4:30 p.m. - End of day update e-mail to management.
5:00 p.m. - Go home
Alas, poor Bob. His web of secrets soon unraveled. That oh-so secure system with its fancy fob had been undone by FedEx, for Bob had simply mailed the doodad to his Chinese confederate. It turned out that this was not Bob's first time to the rodeo; evidence suggested that he'd been pulling the same trick elsewhere, raking in hundreds of thousands in fees while paying his subcontractor about fifty grand.
Nice work, if you can get it ...
Source: Verizon Security Blog