BRADENTON, Fla. - Cyber attackers cast a phishing email scam, and someone in the payroll department of the Manatee County School District took the bait.
“We issued approximately 7,700 W2s for the 2016 school year,” said Ron Cirana, deputy superintendent for the district.
The email was sent by someone posing as the superintendent.
“The superintendent would never send an email like that,” Cirana said Monday afternoon.
Cirana says the district was scammed on Jan. 26 but only learned about it on Feb. 3, after the IRS had issued a warning about phishing email scams one day earlier. Cirana says that after the warning, departments checked with employees and the mistake was revealed.
“Constantly people are getting phished for different things: credentials, username and password, bank accounts and email accounts or information they want,” said Serge Jorgensen with Sylint, a cyber security and digital data forensics business in Sarasota. Jorgensen says information found on W2s makes it easy and fast to steal money.
He says, “Your name, social security number, income last year - it really is one-stop shop for attackers.”
Jorgensen says large companies use mail filters to keep phishing emails from getting through, but if one slips by, employees should learn to spot it. He says cyber attackers use social media to research the sender they impersonate.
“In this case, it's information about your boss. They use that information to ask you to do something.”
In the school district’s case, the email even gave a reason. “I’d like to have as soon as possible for board review,” Cirana recited from the fraudulent email.
The clues are in the details, says Jorgensen, such as small misspellings, which are triggers.
The email is usually short and off-tone for the person being imitated, either too formal or too informal. Jorgensen also points to the “reply to” address when it doesn’t match the one used by the authentic sender.
“Fed Ex does not send email from (an obviously unrelated email address).”
Jorgensen’s advice: “When you get an email that looks suspicious, delete it. Don’t click on it, don’t open it or the attachment, don’t respond or reply ... delete it.”
The Manatee school district signed on with an insurance agency to help employees with any identity theft problems. The district says the IRS has also put the employees on a list of possible fraudulent tax return claims and the FBI is investigating.
School district employees will also undergo additional training to help avoid being scammed again.