Detroit Public Library falls victim of $685,000 scam
(CBS DETROIT) – The Detroit Public Library was targeted in a wire fraud scam that ended up costing the library hundreds of thousands of dollars.
The scam was recently brought to light but was initially revealed during a yearly audit of the library's finances in 2021.
The scammers stole $685,221.64. Of the amount recovered for the library was $277,795.09. The total amount lost was $407,426.55.
According to Detroit's Office of the Chief Financial Officer, someone hacked a library employee's email and convinced the city to transfer money to an unknown account. Where? That hasn't been disclosed.
"Employees are in the cross hairs when it comes to business email compromise," said David Derigiotis.
Derigiotis, a cyber security expert, says to become a target of wire fraud is unfortunately easy.
"It comes down to social engineering, tricking people and getting access," he stated.
Getting those funds back once stolen though is near impossible.
"It's very difficult. A lot of times they are able to conceal their whereabouts. They could be logging in or attacking from all over the world," said Derigiotis.
Detroit officials say both the library and city are victims and no employees are being held responsible.
Who foots the bill for the $407, 426.55 still missing? The city says the funds were considered a total loss in 2021 unless they're recovered.
CBS News Detroit reached out to the library for comment but did not hear back.
Derigiotis says to avoid becoming a victim of wire fraud, there are three things to keep in mind:
"Number one, provide training and social engineering awareness for all of your employees. Give them the power to spot attacks against them. Number two, multi factor authentication for any of your accounts including email. And number three which may be the most important, have a mechanism for verifying any type of wire transfer request," Derigiotis stated.