CASE STUDY: The District Scam

This March 1, 2018, photo shows the exterior of Manor Senior High School in Manor, west of Austin, Texas. There is no stopping the growth in Manor, one of the more affordable suburbs of Austin. But the school district is now putting its final touches on a new secondary school building that officials say will make room for more students without losing a close-knit feel. (Jay Janner/Austin American-Statesman via AP)

Police and FBI have launched an investigation into an email phishing scam that cost a school district millions of dollars. The scam began when one of the district’s construction vendor’s emails became compromised; these types of attacks are typically called “vendor email compromise” or “business email compromise”. Phishing emails were periodically sent out to teachers and faculty at different dates and times from the vendor’s actual email address. Once the hacker gained access to the email system, they were able to change the payment account routing numbers for the transactions. There were three separate transactions that had already occurred before the fraud was detected ; by then the district was already duped out of several million dollars.

PREVENTION

  • Never respond to or click on links provided in emails without confirming the source.
  • Never click on or download any attachments coming from an unknown email address.
  • Always hover over links in an email to ensure the URL is legitimate.
  • If the email is from a vendor, make sure the address matches any emails you may have received from them in the past.
  • Verify the person you are emailing is who they say they are. You can do this either by composing a separate email to that person or calling them directly to confirm that the email was legitimate.

How was the fraud detected?

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

MOre POSTs

Education
Ross Levitt

CASE STUDY: Internal Attack

Detective Cy was busy reading over the details of her most recent case when the phone began to ring. Gina, a school teacher, had been

Education
Ross Levitt

CASE STUDY: The District Scam

Police and FBI have launched an investigation into an email phishing scam that cost a school district millions of dollars. The scam began when one

28 Worlds Fair Drive
Somerset NJ 08873

© 2020 D2 Cybersecurity   All rights reserved   Privacy

To learn how we can help, get in touch with our Sales Team