School lost £1m in simple email scam

What's new in the world of scams and ScamWarners.

School lost £1m in simple email scam

by AlanJones Tue Apr 08, 2014 2:54 am
http://www.dailymail.co.uk/news/article ... tails.html

One of the first schools to be given academy status during Michael Gove's tenure as Education Secretary has been conned out of more than £1million in a simple email fraud.

Staff at St Aldhelm's Academy, which posted England's worst GCSE results in 2012, received an email from fraudsters posing as bank workers.

The out-of-the-blue message asked for the sort code of the school's bank account, which finance staff, falling for the con, passed on.


As the comments to the article say, there is more to this than meets the eye as just giving a sort code would not enable the debiting of funds. To do that they must have given full access to their Internet banking or actually made the transfer themselves.

Please do not tell scammers that they are listed here - it will take them seconds to change their fake details and their new details will not be listed for any future victims to find.
Advertisement

Re: School lost £1m in simple email scam

by TerranceBoyce Tue Apr 08, 2014 5:15 am
Normally organisations like this will not use standard online banking facilities as they require more sophisticated arrangements to make regular payments for salaries, bills and transfers and it'll normally forms part of a sophisticated financial package. In many ways it mirrors the banks own financial systems, but limited to handling only their own money but much more sophisticated than the standard online bank facility.

I haven't liked to mention it, but these arrangements are much more vulnerable than a banks own systems for various reasons, but principally because often those running them simply don't have knowledge of the risks and how to administer security. In my day, which wasn't so long ago, banking security procedures were insanely tight and most people simply wouldn't be capable of adhering to them but, if you're lax, with the sums of money involved even honest people will be tempted, aside from those who set out to crack your systems.

Banking systems are impossible to hack and any fraud will normally involve an insider. These secondary banking systems operated by schools, universities, local councils, hospitals. etc. are vulnerable, and now they will come under greater threat.

Having said that, it still shouldn't be possible for such a loss to be incurred for many reasons but, unless banks tighten up procedures, this will now become much more common.

It is common knowledge that there is a lack of oversight of these publicly funded bodies, even as regards qualifications to teach, so the ability to securely handle public funds isn't even on the agenda and good intentions won't protect them from fraud. The mechanism to launder stolen funds already exists within the UK banking system and is becoming more sophisticated all the time.

From reports it appears that the fraudsters were handed the administrator keys which is pretty disastrous, but there are much more sophisticated means of taking over these accounts and now fraudsters have been alerted to the rich pickings available, organisations had better smarten up or many tens of millions of pounds of public funds will be heading abroad.

CAR ADVERTS - If a car seller mentions escrow - he's scamming you Never ever for any reason pay anything until you have seen and inspected the vehicle
Return to News and announcements

Who is online

Users browsing this forum: ClaudeBot and 1 guest