About

New Hampshire town loses $2.3 million in cyber theft

New Hampshire town, Peterborough, has become a victim of cyber fraud. It has fallen to phishing and social engineering campaigns, and transferred funds to the tune of $2.3 million to the scammers. Using a mix of similar sounding email addresses and names, the scammers forged the documents and induced the town authorities in making fraudulent transfers into overseas Bank accounts.

“Investigations into these forged email exchanges showed that they originated overseas. These criminals were very sophisticated and took advantage of the transparent nature of public sector work to identify the most valuable transactions and focus their actions on diverting those transfers,” Select Board Chair Tyler Ward and Town Administrator Nicole MacStay said in a press release published on Monday.

“We are now waiting to hear from our coverage provider if these losses will be covered, whether in whole or in part; town administration is exploring all options available and has reached out to our legislative delegation and the Governor’s office for support,” the town staff added.

The staff that made the fraudulent transfers into overseas accounts has been sent on leave, pending the completion of investigation by the US Secret Service Cyber Fraud Task Force investigation.

The fraud came into focus on 26th July, 2021 when the ConVal school complained of non-receipt of the grant of $1.2 million for the month. This initiated a fraud detection exercise that resulted in uncovering of two additional transfers into the accounts of overseas scammers. Peterborough’s Finance Department staff found that two contractor payments were fraudulently transferred into the overseas Bank accounts of the scammers.

The Peterborough town staff said that – “We do not believe that the funds can be recovered by reversing the transactions, and we do not yet know if these losses will be covered by insurance.”

This fraud is a classic case of scammers registering similar sounding domain names and use of Remote Access Trojans to induce gullible users to make erroneous transfers.