On the last day of the four-day 2012 election for student council, computer techs noticed that something was a bit off with one of the university's computers.
Viewing it remotely, they noted that whoever was using the computer cast vote after vote.
The techs then watched the mysteriously multi-voting user log into the account of a university official. There, he read an email from a student who complained that the system was preventing her from voting.
There were actually quite a few students who couldn't vote in that election, because their login details had been electronically pickpocketed by the same young man who was running for student council president.
That man, former California State University San Marcos student Matthew Weaver, has been found guilty of using keyloggers to steal nearly 750 student passwords, many of which he then used to log in to others' accounts and to then fraudulently cast votes for himself and four of his fraternity brothers.
On Monday Weaver was sentenced in federal court to a year in prison, according to the U-T San Diego.
Authorities said that Weaver installed keyloggers on 19 school computers, managed to steal credentials for a whopping 745 students, and cast ballots from the accounts of 630 of them.
When campus police tracked him down, Weaver was sitting at a school computer with the keyloggers.
Weaver, now 22, was a third-year business student when he cooked up the scheme to rig the March 2012 election. He started months in advance, with police finding a PowerPoint presentation he'd created earlier in the year.
The presentation proposed running for president along with four of his frat brothers, who would run as vice presidents.
Weaver's presentation noted that his intended position came with a $8,000 stipend, while the vice presidents each stood to get a $7,000 stipend, for a total of $36,000.
Police also found traces of Weaver's research into the matter, including computer searches on such phrases as "how to rig an election" and "jail time for keylogger".
Then, a month prior to the election, Weaver bought three keyloggers, in the form of small electronic devices, to surreptitiously record keystrokes.
Because landing in jail for a brief stint obviously wasn't enough to convince him that wire fraud isn't a wise course, he and a friend cooked up a business plan of action that was even worse: to attempt to deflect the blame, they created fake Facebook pages using names of real students, posted fake conversations, and tried to make it look like the students had framed him.
Those manufactured conversations were sent to reporters at a few media outlets, but none fell for it, the U-T San Diego reports.
Weaver pleaded guilty to three federal charges, including wire fraud and unauthorized access to a computer.
As the judge pointed out to the U-T San Diego, Weaver jumped from the frying pan into the fire - or, in the judge's own words, he was "on fire" for the crime, and then he went and poured gasoline on it to try to cover it up.
Don't try this at home, kids. Don't play with matches, and don't mess with keyloggers.