Concord, NH – The Community College System of NH (CCSNH) was the victim of of wire fraud. CCSNH is actively engaged in mitigating the incident, but wanted to to warn other organizations about the business email compromise scheme targeting colleges, universities, and those operating in a public bidding environment.
Earlier this month CCSNH was contacted by a business representing to be an existing vendor, that they make regular progress payments on an ongoing project. The vendor’s practice had been to be paid by a hard copy check. The communication requested to transition to electronic funds transfer via the Automated Clearing House (ACH). The request was accompanied by what appeared to be proper, complete and authentic documentation. CCSNH processed the ACH information and paid the vendor but learned that the ACH instruction had been fraudulent and the funds did not go to the vendor as intended.
At this time, we are working with law enforcement, and with the banks involved, to investigate and recover the funds. The amount of the fraudulent transfer was $130,000.
This incident of fraud was perpetrated by use of the internet. This emerging strategy is possible because of vulnerabilities in the contracting process, where available information about contracts are publicly available.
CCSNH has learned that this scheme to defraud colleges and universities was identified by law enforcement in the Boston area. CCSNH is a making a public statement about the incident in order to caution other entities that may have similar vulnerabilities.