OIG Report: City Victim Of $375K Phishing Attack

BALTIMORE (WJZ) -- Baltimore City was the victim of a phishing scheme last year when it sent more than $375,000 to a hacker posing as a vendor with municipal contracts, according to a new report from the Office of the Inspector General.

The company was receiving monthly payments from the Mayor's Office of Children and Family Success. According to the report, the office and the finance department's Bureau of Accounting and Payroll Services were twice contacted by email about changing the bank information for the payments.

But the vendor's email account had been "compromised by a malicious actor," allowing a hacker to correspond with municipal employees without the company knowing, the report said.

On Dec. 22, 2020, the city tried to send an Electronic Funds Transfer payment to the company, one day after the vendor's account information had been switched from one bank to another, the report said.

The bank on the receiving end of the transfer flagged the transaction as fraudulent and returned the funds.

On Jan. 5, 2021, the hacker made another request to switch accounts to a third bank, providing a letter and voided check in the vendor's name. Someone claiming to be the vendor's chief financial officer also called the Department of Finance to discuss the change, the report said.

Two days later, the city sent a payment of $376,213.10, the report said.

The vendor has not been received full payment from the city but did get $50,000 from its insurance company for a phishing loss claim.

The hacker's account was frozen, and the $38,730.15 balance was placed into a separate account, the bank said.

According to the Office of the Inspector General, at the time of the phishing attack, employees in the Bureau of Accounting and Payroll Services did not have an authorized list of signatories for vendors and had to rely on the heads of other city departments for that information.

And the bureau did not independently verify the request to change the account after the purported call from the chief financial officer, the report said.

In a response letter, Department of Finance Director Henry Raymond said the office "has immediately strengthened internal protocols" and continues to reviews its policies.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.