City of Tenino loses $280,309 to phishing email scam, state Auditor’s Office says
The city of Tenino fell victim to a fraudulent scheme that cost it $280,309 in public funds, according to the Washington State Auditor’s Office.
Former Clerk-Treasurer John Millard initiated 20 automated clearing house payments from the city’s bank account to multiple out-of-state bank accounts from March 19 to May 4, 2020, per a report. A series of phishing emails prompted the payments, many of which he did not get city council approval for.
The email was sent to multiple public employees in Washington state who were members of the Washington Municipal Clerks Association. The same day it was sent, the association notified members that it was illegitimate.
“While other recipients either deleted or ignored the email, contacted the association to confirm it was a phishing attempt or contacted their IT departments, Tenino’s Clerk-Treasurer did not,” the report says. Millard, who served in the U.S. military until 2016, had previously received training in cybercrimes, according to the report.
On May 5, 2020, the report says a Texas-based bank told Millard someone who came in to withdraw funds from an account that received an ACH payment and then tried to close the account.
Millard told the bank to contact the professional association, per the report, but the president of the association said she did not know about any such payments.
That same day, he informed the Tenino mayor, the state’s Auditor’s Office and Tenino police about the loss of funds, saying he had been deceived by a scam.
Millard resigned in December 2020 and moved out of state, per the report. Washington State Patrol investigated the scam but could not determine whether Millard personally benefited from the scheme.
The case has since been turned over to the Federal Bureau of Investigation.
In all, Millard issued $336,968 in inappropriate ACH payments, per the report, but $56,659 in payments were returned to the city.
You may also enjoy reading, The definitions of “recently” and “discovered” leave a lot to be desired
Stay informed with the latest Cybersecurity trends, threats and analysis. Sign up to the realinfosec weekly cybersecurity newsletter today.