Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    • Blog
      • /
    • Phishing
      • /
    • Scott County Schools victim of $3.7 million CEO Fraud Phishing Scam

    Scott County Schools victim of $3.7 million CEO Fraud Phishing Scam

    Stu Sjouwerman | Apr 25, 2019

    GEORGETOWN, Ky. (WKYT) - Scott County Schools has announced the district is a victim of a multi-million dollar online CEO fraud scam. 

    The FBI is now investigating after Superintendent Dr. Kevin Hub said an undisclosed vendor told the district it never was paid for an invoice from two weeks ago. As the district investigated, it learned it fell victim to a fraudulent email disguising as the vendor.
     
    "This is a process that we use currently in Scott County Schools. It's a way that we pay our vendors. And it was in this specific case, a single case, that we can verify, and this fraudulent email and fraudulent documentation is what caused this crime to happen." Sounds like they could use some new-school security awareness training
     
    The school lost $3.7 million as a result of the scam. Hub said the fraudsters no longer have access to the district's bank account, and there was no data breach involving personal information. Video at WKYT

     

    Topics: Phishing Security Awareness Training CEO Fraud

    Can hackers spoof an email address of your own domain?

    DSTAre you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

    Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try To Spoof Me!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/domain-spoof-test/

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All