Five things to know about how Dallas County was defrauded out of $2.4 million:
How did the county lose millions of dollars?
The scammers used fake business email addresses to impersonate Dallas County contractors, and the county apparently paid the criminals $2.4 million when billed. Dallas County has not yet released further details about the scam, but the hackers used “social engineering,” defined as psychological manipulation, to trick users into making security mistakes or divulging sensitive information. ” he said.
When did this happen?
Dallas County became aware of the fraudulent payments on Nov. 17. Details are unclear, but he said the county was first alerted to the fraudulent wire transfers in mid-November. It is unclear why the information was not released sooner.
Who is investigating fraud?
The county said it reported the scheme to the FBI, but the agency has not yet confirmed whether an investigation is underway.
Is this related to the recent cyber attack on the county?
The incident is unrelated to an October cyberattack in which hundreds of files of county information were posted on the dark web. Dallas County Commissioner Darryl Martin said the wire transfer was separate from an attack by the ransomware group Play, which hacked into the county's systems and stole data.
What happens next?
Tuesday's county commissioners meeting includes an agenda item regarding security audits of the Office of the Comptroller, the department that approves payments. Commissioners are likely to discuss details at the board meeting.
