Wire Fraud Incident
For Immediate Release
October 31, 2016
CCSNH Public Statement on Wire Fraud Incident
Concord, NH - The Community College System of NH has been the victim of an incident of wire fraud about which we wish to inform the community. While we are actively engaged in mitigating the incident, we felt it was important to share this news in order to warn other organizations about this business email compromise scheme targeting colleges and universities, and potentially any entity operating in a public bidding environment.
Earlier this month we were contacted by an entity representing to be an existing vendor, to whom we make regular progress payments on an ongoing project. The vendor’s practice had been to be paid by a hard copy check. The communication was a request to transition to electronic funds transfer via the Automated Clearing House (ACH). The request was accompanied by what appeared to be proper, complete and authentic documentation. We processed the ACH information and paid the vendor. We subsequently learned that the ACH instruction had been fraudulent and the funds did not go to the vendor as intended.
At this time, we are working with law enforcement, and with the banks involved, to investigate and recover the funds. The amount of the fraudulent transfer was $130,000.
An incident of fraud was perpetrated on our organization by use of the internet. This appears to be an emerging strategy made possible because of vulnerabilities arising from the public contracting process, where there is publicly available information about contracts, allowing criminal actors to falsely and convincingly represent who they are.
Unfortunately, criminal actors are continually evolving their strategies. We see this with phishing scams, IT system hacks, telephone fraud, and other deceptive acts designed to take advantage of cyber transactions. This is an unfortunate, growing societal issue as the convenience of electronic transactions gives rise to new types of vulnerabilities. Escalation of criminal strategies must be met with increased education and vigilance across all spheres of activity.
We have since learned that this scheme to defraud colleges and universities had been identified by law enforcement in the Boston area. We are making a public statement about CCSNH’s incident in order to caution other entities that may have similar vulnerabilities.
While a significant concern to our organization, this incident was limited in scope and did not involve any private records.
While we are taking immediate steps to resolve this particular incident, we also will use this as an opportunity to review our procedures to determine what additional safeguards should be adopted to reduce risks related to this and other evolving threats. Within CCSNH, this effort will be led by Associate Vice Chancellor of Finance and Strategic Planning, Charles Ansell.