Town loses half a million to scammers

Business cyberattack can affect all

By Greg Collier

In a stark reminder of the ever-present threat of cybercrime, Arlington, Massachusetts, a picturesque town located just six miles northwest of Boston, recently fell victim to a sophisticated cyberattack, resulting in the loss of nearly half a million dollars from the town’s coffers.

The town, home to approximately 46,000 residents, was targeted in what is known as a business email compromise (BEC). Perpetrators used phishing, spoofing, social engineering, and compromised email accounts to facilitate wire fraud totaling close to $450,000.

The cybercriminals orchestrated their attack by impersonating a vendor the town often does business with. Town employees received legitimate emails from this vendor concerning issues with processing payments. Unbeknownst to the town, cybercriminals had compromised some town employee user accounts and were closely monitoring email communications. They seized this opportunity to impersonate the vendor using a deceptively genuine-looking email domain, requesting a switch in payment method from check to electronic funds transfer.

Upon discovering the fraud, the town immediately alerted law enforcement agencies and its banking institution. A digital forensics investigation was launched. The town’s banking institution managed to recoup a mere $3,308, roughly 6% of the total stolen amount.

Town governments are not the only targets of BEC scams. Any business can fall victim if their emails are compromised, potentially impacting not only the businesses themselves, but also the residents of these towns and the customers of these companies.

One of the preferred targets of BEC scammers is mortgage lenders. In these cases, scammers will email home buyers using the lender’s email address. The home buyers are then instructed to wire their down payment or closing costs to the scammers, believing they are communicating with their legitimate lender.

However, recipients of compromised emails can protect themselves.

Always double-check the sender’s email address for any discrepancies or unusual characters. Scammers often use email addresses that closely resemble legitimate ones.

Contact the sender directly using a known, trusted phone number or email address to confirm the authenticity of any requests, especially those involving financial transactions.

As the town of Arlington takes steps to enhance its cybersecurity defenses, other municipalities and organizations should heed this incident as a cautionary tale and proactively bolster their own measures to safeguard against potential cybercriminal activities.