Today in "government allocating your taxpayer dollars" news...
The city of Fresno, Calif. has reportedly fallen victim to an email phishing scam, costing the city (and its taxpayers) a whopping $400,000.
The scam was based in Africa and took place in 2020. The city is accused of not telling the city council or the public, according to a new article from the Fresno Bee.
"Former Mayor Lee Brand’s administration failed to disclose the loss," the report says. Additionally, the Fresno City Attorney’s Office rejected a public records request by The Bee regarding the fraud in December 2021.
The city told The Bee that "no records were located", but the news outlet was still able to obtain emails that existed prior to the request.
The report says that the fraud was disguised as "as an invoice from a subcontractor working on the construction of the new southeast Fresno police station".
Placed on legitimate looking letterhead, only the account numbers on the invoice had been changed. Money was then transferred electronically by a city staffer to the fraudulent account.
Email scams have evolved in recent years to include vendor email compromise (VEC) scams, the report says.
As was the case in Frenso, the Bee reported that "in a typical vendor email attack, scammers create fake invoices that look exactly like a real vendor’s, but they change the bank account information so that when a payment is issued, the money ends up in the scammer’s account."