A thief duplicated an email address belonging to Dickson County’s director of schools and then duped the school system’s staff into wiring $20,000 in taxpayer money, an audit says.
Someone pulled the same stunt with the Dickson County Mayor’s Office a few days later, in April of last year, according to Tennessee Comptroller Justin Wilson’s audit, which was released this week.
Auditors called it a phishing scheme.
No one at the county mayor’s office immediately returned a request for comment Tuesday.
Director of Schools Danny Weeks told Tennessee Watchdog that law enforcement agencies, including members of the Tennessee Bureau of Investigation, have yet to catch the culprit.
“Last I heard, Dickson County law enforcement thought it was someone from outside the country,” Weeks said, adding what happened was “a perfect storm of events coming together from someone with crafty and evil intentions.”
“I was out of town the day it happened, and it was the last thing that happened on a Friday afternoon. My business manager assumed she got an email from her boss, and you do what your boss asks you to do. If it were something that happened on a normal day in the office, she would have called and asked ‘What is this for?’”
The bandit got away with exactly $19,500. Auditors faulted school system officials for failing to through on proper procedures to prevent the theft.
The school system got its money back through insurance, minus a $500 deductible.
Weeks said he doesn’t know whether the school system’s insurance premiums will increase because of the theft.
As for the county mayor’s office, the internet pickpocket stole $38,650. After a $500 insurance deductible, the county government got its money back.
“I don’t know if this is the beginning of a trend or if someone had been watching Dickson County for a long time,” Weeks said.
According to a 2014 Tennessean article, someone hacked the Dickson County Sheriff’s Office that year and extorted $572 from county officials “by locking up sensitive data with ‘ransomware,’ known nationally as ‘CryptoWall.””
– – –