Search TorWire

Find cybersecurity guides and research articles

Home > News > Cybersecurity > Former Telekom Malaysia U.S. Executives Charged Over Alleged $20 Million Fraud Scheme

Former Telekom Malaysia U.S. Executives Charged Over Alleged $20 Million Fraud Scheme

By: Morgan Cipher Senior Privacy Journalist

Last updated: May 20, 2026

Human Written
Former Telekom Malaysia U.S. Executives Charged Over Alleged $20 Million Fraud Scheme

  • Three senior managers from Telekom Malaysia’s U.S. unit stole over $20 million.

  • They used fake contracts, ghost employees, and an AI‑powered imposter.

  • The company self-reported the crime and avoided charges.

Three former executives of Telekom Malaysia’s American subsidiary are in serious trouble with US law enforcement for allegedly stealing millions of dollars from their employer.

The company itself escaped charges because it reported the crime first. The scheme spanned nearly six years and the perpetrators face wire fraud and identity theft charges.

How They Tricked the Company with Fake Paperwork

The U.S. Department of Justice announced on May 19 that they indicted Mohd Hafiz Lockman, Khanh Thuong Nguyen, and Mohd Yuzaimi Yusof. The trio were senior executives at Telekom Malaysia (USA) Inc., Telekom Malaysia Berhad’s American arm.

Their offence? They tricked Telekom Malaysia Berhad into approving a fake $54 million deal. The fraud spanned July 2020 to February 2026. They requested the parent company’s approval to sell eight terabytes of broadband capacity. But the real contract with a U.S. customer was for only six terabytes.

The extra two terabytes? They sold it to other companies for themselves and even set up a sham entity with a name that mimicked the real subsidiary. All payments from those illicit sales went into bank accounts they controlled.

Second, they impersonated a cable supplier. The American subsidiary bought cables for about $500,000, but they told the parent company that it paid nearly $2.9 million. They then sent that $2.9 million to another fake supplier account they owned. To pull it off, they forged signatures of real supplier employees.

Tricks Involving Ghost Workers, Fake Trips, and an AI Imposter

In addition to the wire fraud tricks, the executives created fake employees and interns. One real employee left in 2020, but the company never recorded his departure. For nearly five years, they pocketed his monthly salary. When HR in Malaysia finally asked for an exit interview, they faked it, using another person to impersonate the departed employee.
Then HR wanted a video call. So the defendants used an AI program. The imposter wore a digital mask of the former employee’s face. That’s what prosecutors call “aggravated identity theft.”

Also, they fabricated some operational expenses. Early this year, they requested a refund for a work trip to Las Vegas. The trip supposedly happened last December.
But no such trip ever occurred. When the parent company asked for photos, they rushed to Vegas. They took new pictures with Christmas trees to fake the December date.

The Arrest and Charges

Lockman was arrested on April 20 at San Francisco airport. Yusof and Nguyen both turned themselves in on April 22 and 23. All are charged with three counts of wire fraud conspiracy and might be locked up in prison for up to twenty years. Identity theft adds a mandatory two‑year consecutive sentence.

Here’s the twist: Telekom Malaysia itself is not charged. Why? Because the company self-reported the criminal conduct. The company commenced an internal investigation, terminated their employment, and provided this information and evidence to the Department of Justice (DOJ); they also provided the DOJ with the company’s investigation and termination of three of its executives in separate, but related investigations in April.
The DOJ gave the company a conditional declination, no charges, as long as it fully cooperates, pays restitution, and reports any future crimes for three years.

Implications of this Case

You might think this doesn’t affect you. But here’s why you should care.
The executives stole salaries meant for real people. They used an AI to fake a living person’s face during a video call. That means no video call is truly trustworthy anymore.

To avoid such deception:

  • Check your pay stubs regularly if you’re an employee.
  • Request that HR confirm all active employees and interns in your company.
  • Be very skeptical of unexpected video calls asking for personal info.
  • Report any odd expense claims or duplicate payments immediately.

For companies, reporting fraud cases when you notice them goes a long way. The DOJ actively encourages firms to come forward. That’ll help the company to avoid prosecution while those who are guilty face the music. For regular folks? Be watchful. Insider fraud is becoming more creative and more digital.

The dark web and cryptocurrency are also enabling new forms of crime. A man in Australia was recently arrested for dark web drug sales, a reminder that law enforcement is adapting to track criminals across both traditional financial systems and anonymous crypto networks.

Share this article

About the Author

Morgan Cipher

Morgan Cipher

Senior Privacy Journalist

Morgan combines a journalist’s curiosity with a security specialist’s precision. His reporting on data breaches, privacy laws, and encryption tech has been featured in several tech publications. At TorWire, he focuses on real-world threats and how to counter them, always with an eye on what’s next in digital privacy.

View all articles by Morgan Cipher
Comments (0)

No comments.