Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
0

Phishing attack costs Tewksbury | News | #phishing | #scams | #hacking | #aihp



TEWKSBURY — Accor­ding to a news release is­sued on Wednesday, Feb. 23, 2022, the Town of Tewks­bury revealed that it had been compromised by an email phishing attack which resulted in the transfer of $102,000 to an account unintentionally.

Town Manager Richard Montuori reported that “the town is working with its insurance carrier and bank to recoup most of the funds.”

As reported in the re­lease, a town employee re­ceived an email from a familiar vendor requesting payment via wire transfer, also known as ACH (automated clearing house) or EFT (electronic funds transfer). Pay­ment to large vendors via wire transfer is not un­common for a municipality.

Payment was made to a Wells Fargo account which apparently had been spoofed to appear legitimate. Spoofing involves the use of legitimate information by illegitimate ac­tors to appear credible in an email. While many people are familiar with receiving fraudulent e­mails from vendors into their own inboxes which pretend to be real vendors, this was a calculated attack.

“This was not just a ran­dom phishing email asking for money from a prince,” said Select Board member James Mackey, “this was a highly targeted spear phishing email.”

According to the Office of the Director of Nation­al Intelligence, “Spear phishing” is a type of phishing campaign that targets a specific person or group and often will include in­formation known to be of interest to the target, such as current events or financial documents. Mackey is a cyber security expert and is also part of the cy­ber security unit of the Mas­sachusetts National Guard.

The town learned it was the victim of an attack when the real Wells Far­go contacted the town to report a late payment. The town immediately initiated an investigation, notified the vendor of the scam, contacted the Tewksbury Police De­partment, and notified the FBI of the fraud, ac­cording to the release.

The email and wire re­quest were fraudulent and part of a pervasive multinational spree of email phishing attempts that have been on the rise in recent years.

Mackey said the town hopes to be repaid $92,500 via insurance, as the town maintains a $100,000 coverage rider with a $7,500 deductible for cy­ber security issues such as this. Tewksbury is not a lone victim in this type of attack. The City of Quin­cy was the victim of an attack in February of 2021 targeting their em­ployee retirement fund, resulting in the theft of more than $3.5 million.

Montuori ordered a freeze on any new wire transfers and is reviewing all vendors. Internal de­partment protocols are also being reviewed and the town is engaged in staff training designed to help identify phishing at­tempts through a state-sponsored grant.

The towns auditors will review the incident and use their expertise in cy­ber controls to examine the attack and transfer procedures for further po­tential enhancements to internal controls.

According to Mackey, the attack was specifically targeted at an individual and used real information from a legitimate contract.

Mackey said, “All it takes is a determined threat ac­tor with the time and de­sire to aggregate publicly available data.”

“This is a very unfortunate incident, but we are certainly mindful that it could have been much worse,” Montuori said. “We have learned from this experience and are confident that our policy and procedure changes will leave us better prepared in the future.”

According to Montuori, at no time was resident data compromised.

Click Here For The Original Source.


————————————————————————————-

National Cyber Security

FREE
VIEW