An American computer programmer has been caught outsourcing his own work to a company in China.
The scam came to light only when the man's employer became suspicious about repeated remote logins to its server from the northeastern Chinese city of Shenyang.
The story is related in a blog posted by Andrew Valentine, a computer forensic investigator at Verizon Business, a US-based communications firm.
He was brought in by the American firm who feared their network's security - and the credentials of one of their best employees in particular - had been compromised.
But in reality the employee - referred to only as Bob - had "physically FedExed his RSA token to China so that the third-party contractor could log in under his credentials during the workday".
Bob is described as being in his 40s, "inoffensive and quiet" and "someone you wouldn't look at twice in an elevator".
And his apparent efficiency had not gone unnoticed by his manager.
"For the last several years in a row he received excellent remarks. His code was clean, well written, and submitted in a timely fashion," Mr Valentine noted.
"Quarter after quarter, his performance review noted him as the best developer in the building."
But a forensic examination of Bob's office workstation revealed a more typical working day:
9.00 am - Get to work, surf Reddit, watch cat videos
11.30 am - Lunch
1.00 pm - eBay
2.00 pm or so - Facebook and LinkedIn
4.30 pm - Send end-of-day email update to management
5.00 pm - Go home
A check of the company's available records showed the scam had been going on for months - maybe even years.
During that time Bob had continued to draw his generous annual salary of around \$250k (£155k), and then sent \$50k (£31k) of it to his Chinese subcontractors.
However, his contract was terminated once Verizon's report landed on his manager's desk.