Trenton School Treasurer Spots a 'Phishing Expedition'

Apple on pile of books at the elementary schoolSomeone went on a ‘phishing expedition’ trying to trick a Trenton School Board of Education member into transferring thousands of dollars into their account, but a Trenton School Treasurer Megan Drake didn’t take the bait.

Maegan Drake had been sworn in as treasurer for only a week when she received an email that raised an eyebrow. The email directed her to transfer $7,420 to the account of an unnamed vendor. It came to her appearing to be from board President Kellee Howey. Although Drake was just taking over the position, she saw right through the scheme. She works in the Huron School District and has seen this kind of thing before.

According to Drake, those types of emails often start out informally, asking if “you have a minute.”But it was the request itself that caused her to cast doubt on the authenticity of the message.

“Can I do that,” she said questioning the procedure. “Don’t these things need approval?”As she continued to look over the letter, there were red flags.

Also, the email came from an address the board had no dealings with in the past. So, Drake took the step the scam artist most likely hoped she wouldn’t — she called Howey for verification. “I’m just skeptical of emails,” Drake said. “I called her and said, ‘Did you send me an email today?’ She said that she didn't.”

The jig was up at that point. The board treasurer alerted everyone about the phishing scam. Phishing is a type of social engineering attack often used to steal user data. It often occurs when an attacker, masquerading as a trusted entity, dupes someone into opening a message.

Megan also knew most treasurers were being sworn in around that time and thought someone might be targeting them in particular. As it turns out, she was the only one.

School Supt. Rodney Wakeham said most school districts get a couple of scams emails directed their way during the year. He said this is an example why safety measures are put in place in order for transactions to be made.He also applauded Drake, saying members of the board who are responsible stewards of the district’s finances.

“I appreciate her being so diligent and following procedure,” Wakeham said. It's incredibly important to ensure your users in your organization are properly trained. New-school security awareness training can prevent any user similar to Megan Drake to spot the red flags and warning signs. 

The News-Herald has the full story

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Nuclear Ransomware Webinar

Get the latest about social engineering

Subscribe to CyberheistNews