- Security News
- Cybercrime & Digital Threats
- Texas School District Loses $2.3 Million to Phishing Scam, BEC
Manor Independent School District (MISD) in Texas is investigating an email phishing attack after a series of seemingly normal school-vendor transactions resulted in the loss of an estimated US$2.3 million. According to the statement posted on Twitter, the district is cooperating with the Manor Police Department and the Federal Bureau of Investigation (FBI), and encouraged the community to share any information related to the incident.
[Read: US$1.7 million stolen from North Carolina County after BEC scammers posed as contractor]
According to local reports, the attack was done across three separate transactions, with the cybercriminals contacting multiple individuals in the district from November to December. Failing to recognize that the bank information was changed, one email recipient responded and followed through with the transactions before recognizing that it was a fraudulent bank account.
[Read: Report: Over 20% of phishing campaigns target Microsoft users]
Schools and local government institutions have become a target of cybercriminals for business email compromise (BEC), with losses amounting to millions after failing to recognize discrepancies in suppliers’ and contractors’ email exchanges. As Trend Micro included in their 2020 Predictions, cybercriminals are expected to maximize profit via BEC and phishing by combining old techniques with new technologies. Here are some best practices that can be followed to avoid or defend against these kinds of attacks:
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.