Baltimore’s $1.5M Blunder: Scammer Dupes City with Vendor Ruse
A scammer made off with over $1.5 million from Baltimore by posing as a vendor and tricking staff into changing bank account details. This classic Business Email Compromise attack highlights Baltimore’s knack for losing money faster than a gambler on a losing streak.
Hot Take:
Looks like the Scammer Olympics just took place in Baltimore, with the city’s Department of Accounts Payable going for gold in the “Whoops, Wrong Bank Account” event. Spoofing a vendor and rerouting over $1.5 million? That’s a textbook Business Email Compromise, folks. If only Baltimore had applied the same scrutiny to their financial transactions as they do to their crab cakes, this might have been avoided. But don’t worry, they managed to claw back part of the funds, proving that sometimes you really can teach an old city new tricks—or at least how to file an insurance claim.
Key Points:
– A scammer executed a Business Email Compromise, stealing over $1.5 million from Baltimore by impersonating a vendor.
– The city’s Department of Accounts Payable made two unauthorized payments due to altered bank account details.
– While one payment was recovered, $803,384.44 remains missing as the city struggles to retrieve it.
– The fraud was enabled by lax internal controls and a failure to verify supplier information.
– Baltimore has a history of falling for similar scams, having lost money in both 2019 and 2022 due to similar fraudulent schemes.