Someone went on a ‘phishing expedition’ trying to trick a Trenton School Board of Education member into transferring thousands of dollars into their account, but a Trenton School Treasurer Megan Drake didn’t take the bait.
Maegan Drake had been sworn in as treasurer for only a week when she received an email that raised an eyebrow. The email directed her to transfer $7,420 to the account of an unnamed vendor. It came to her appearing to be from board President Kellee Howey. Although Drake was just taking over the position, she saw right through the scheme. She works in the Huron School District and has seen this kind of thing before.
According to Drake, those types of emails often start out informally, asking if “you have a minute.”But it was the request itself that caused her to cast doubt on the authenticity of the message.
“Can I do that,” she said questioning the procedure. “Don’t these things need approval?”As she continued to look over the letter, there were red flags.
Also, the email came from an address the board had no dealings with in the past. So, Drake took the step the scam artist most likely hoped she wouldn’t — she called Howey for verification. “I’m just skeptical of emails,” Drake said. “I called her and said, ‘Did you send me an email today?’ She said that she didn't.”
The jig was up at that point. The board treasurer alerted everyone about the phishing scam. Phishing is a type of social engineering attack often used to steal user data. It often occurs when an attacker, masquerading as a trusted entity, dupes someone into opening a message.
Megan also knew most treasurers were being sworn in around that time and thought someone might be targeting them in particular. As it turns out, she was the only one.
School Supt. Rodney Wakeham said most school districts get a couple of scams emails directed their way during the year. He said this is an example why safety measures are put in place in order for transactions to be made.He also applauded Drake, saying members of the board who are responsible stewards of the district’s finances.
“I appreciate her being so diligent and following procedure,” Wakeham said. It's incredibly important to ensure your users in your organization are properly trained. New-school security awareness training can prevent any user similar to Megan Drake to spot the red flags and warning signs.