Last September, Boulder County, Colo., fell victim to a phishing scam to the tune of nearly $238,000, but just recently, the county announced that it was able to recover the stolen money.
Last year, hackers posing as a vendor for the county sent a spear phishing email to the county. This email resulted in a check for $237,241.18 being “sent incorrectly” by the county. Following the incident, county leaders turned to the Boulder County Digital Forensics Lab.
According to a county press release, a detective with the Boulder County Sheriff’s Office, who is assigned to the Boulder County Digital Forensics Lab, was able to trace the funds to a bank account in the United States where the money was still showing as an available balance.
After the trace, investigators were able to freeze the funds in the account to prevent the movement of the money, and on Dec. 7, 2022, the $237,241.18 was returned to Boulder County. The county noted that because the investigation is still ongoing, no further information about the return of the funds can be released.
However, the county did note that its cybersecurity incident response was able to collect and provide a full report on the spear phishing incident to the Boulder County Sheriff’s Office, United States Secret Service, and JPMorgan Chase & Co.’s fraud team so they could investigate further.
Boulder County noted that in the wake of the phishing scam, the county has worked to improve its security and fraud prevention safeguards. Specifically, county accounting teams have received additional training to identify vendor impersonation fraud and how to request help with verification of suspicious requests. An independent verification step has also been added to the vendor payment instruction change process.
The county also said that its email security tools have been configured to warn users about email domains that are newly registered, and about those that differ by only one or two characters from the domains of the county’s partner organizations.
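The two email warnings described above can be sketched as a short check. This is an added example, not the county's configuration or its vendor's code; the partner domains, the 30-day threshold, the registration dates and all function names are constructed for illustration.

```python
from datetime import date

# Constructed values: partner domains and thresholds are assumptions.
PARTNER_DOMAINS = {"acme-paving.example", "northfork-supply.example"}
MAX_EDITS = 2          # "one or two characters different"
NEW_DOMAIN_DAYS = 30   # what counts as "newly registered" here


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def warnings_for(address, registered_on, today):
    """Return warning tuples for one sender; registered_on may be None."""
    domain = sender_domain(address)
    found = []
    if domain not in PARTNER_DOMAINS:  # an exact partner match is not a lookalike
        for partner in sorted(PARTNER_DOMAINS):
            edits = edit_distance(domain, partner)
            if edits <= MAX_EDITS:
                found.append(("lookalike", partner, edits))
    if registered_on is not None:
        age_days = (today - registered_on).days
        if age_days < NEW_DOMAIN_DAYS:
            found.append(("new-domain", age_days))
    return found


if __name__ == "__main__":
    today = date(2023, 1, 15)  # constructed "current" date
    samples = [  # constructed senders and registration dates
        ("ap@acme-paving.example", date(2015, 3, 1)),
        ("billing@acme-pavlng.example", date(2023, 1, 10)),
        ("ap@acrne-paving.example", None),
        ("info@unrelated-vendor.example", date(2023, 1, 12)),
    ]
    for address, registered in samples:
        print(address, warnings_for(address, registered, today))
```

Plain edit distance does not catch lookalikes built from Unicode homoglyphs, which need a separate confusable-character comparison.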