The Baltimore Brew reported:
Between December 2024 and March 2025, the online thief gained access to the vendor’s Workday account, submitted false information, changed the vendor’s bank account and secured two electronic payments totaling $1,524,621.
.....employees at the Department of Accounts Payable (AP) missed clues and failed to verify changes submitted by the cybercriminal, allowing the fraud to proceed.
Between December 2024 and March 2025, the online thief gained access to the vendor’s Workday account, submitted false information, changed the vendor’s bank account and secured two electronic payments totaling $1,524,621.
.....employees at the Department of Accounts Payable (AP) missed clues and failed to verify changes submitted by the cybercriminal, allowing the fraud to proceed.
On February 21, $803,384 was paid to the bank and immediately cashed.
On March 10, another $721,237 was sent to the same account.
Find the original article here.
Takeaway: Don't stop at adding controls, etc to prevent fraud - add an audit at the vendor process level to ensure that team members consistently follow the process.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
On March 10, another $721,237 was sent to the same account.
Find the original article here.
Takeaway: Don't stop at adding controls, etc to prevent fraud - add an audit at the vendor process level to ensure that team members consistently follow the process.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat