The Overdue Deception

blog image

Hello all, Detective Cy here!

Did you know that cybercrimes that target municipalities come in a variety of deceptive forms? For example, ransomware emails disguised as payment requests from a “trusted vendor” have recently become a common occurrence. While this can make attacks harder to detect, knowing what to look for can help you avoid them! In fact, one such clerk had to discover this the hard way!

Early one morning, a clerk from a small township received an email indicating that they needed to pay a bill that was past due. The email claimed that if the bill wasn’t paid immediately, it would be sent to collections. Panicking, the clerk clicked the provided link and paid the bill on the vendor’s website right away.

The next day, the clerk received a call from the municipality’s bank. They wanted to discuss the purpose of a large withdrawal coming from the municipality’s account. The clerk was confused, as they did not recognize the withdrawal. Little did they know, clicking the fake bill pay link caused the municipality’s entire bank account to be taken over!

To help protect the municipality and its citizens, local detectives investigated the events leading up to the attack. They discovered that the past due bill had already been paid several weeks prior, and that the email had actually been sent by a hacker impersonating the vendor. The link had taken the clerk to a website that looked similar to the vendor’s actual page, but the URL had a single letter misplaced. Had the clerk reviewed the bill with the vendor directly, they could have prevented a substantial financial loss.

Fortunately, the municipality was able to recover the funds thanks to their insurance. However, they still needed to expend time and effort to change their bank account information and network infrastructure. While the situation could have been much worse, it was still extremely expensive and put a great deal of stress on the community.

To prevent something similar from happening to you and your municipality, remember to always verify that every email you receive is from a reliable source. You can also contact the sender directly via phone to confirm any requests. If you receive an email demanding immediate payment, be sure to verify the charge with the vendor before making a payment. You should also hover over any links in an email to determine if you recognize the website.

Lessons Learned:

  • Always verify the sender of emails you receive. If necessary, you can call the sender or create a new email with a known email address to ask the user if they sent the email.
  • Always hover your cursor over links in an email to ensure the URL is legitimate and not masking an unknown site.
  • Never click links in an email unless you trust and can verify the sender.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email


Credential Copy Crisis
Detective Cy

The Credential Copy Crisis

Hello readers, Detective Cy here! Did you know that using the same password for all of your accounts drastically increases

The Vexatious Vendor
Detective Cy

The Vexatious Vendor

Greetings everyone, Detective Cy’s back again! Did you know that many attempts to steal your private information are hiding in