Scammers stole $2.3 million from the authorities of a small American city

The authorities of the American city of Peterborough in the state of New Hampshire reported that scammers had stolen $2.3 million from them. The scammers tricked city officials into sending a series of large payments to their accounts.

As you might guess, this is a business email compromise (BEC). As a rule, such attacks involve the compromise of a legitimate email account of one of the target company’s employees. The attackers then use the account to send fake emails from employees of the same company or its partners, and use social engineering to convince them to transfer funds to fake accounts under the mask of fake invoices and fictitious transactions.

The incident in Peterborough was first reported on July 26 after the ConVal School District informed city officials that the $1.2 million monthly transfer had not been received.

In this case, the criminals did not hack into city officials, but simply used email spoofing and social engineering (fake documents), thereby forcing the city to redirect payments to its own accounts.

US Secret Service officials, who were called in to investigate the incident, told reporters that the stolen city funds were promptly laundered and converted into cryptocurrency. It will no longer be possible to recover the stolen by cancelling transactions, and the city authorities doubt that these losses can be covered by insurance.

It is worth noting that according to the FBI, the BEC scam remains one of the most serious threats to companies and organizations. So, in 2020, such scams caused losses in the amount of $1.8 billion, which amounted to about 43% of all lost funds over the past year.

Let me remind you that we recently wrote that Scammers Attack Potential Crypto Investors and Miners.