How Scammers Conned a Winnipeg City for $430,000 Using Bitcoin
Slashdot reader lowvisioncomputing shares a CBC story about an elaborate theft discovered “when the CEO of a rural municipality in southwestern Manitoba [population: 3,300] noticed the series of unusual cash withdrawals from the bank account….”
It started with a job advertisement. An apparently legitimate company, with a professional website and a Nova Scotia address, claimed it was looking for cash handlers. The contract was for one month. Employees could work from home.
They were told they would receive payments to their credit cards, which they would be expected to transfer to their bank accounts. They would then withdraw the payments, convert them to bitcoin and send it to another account…. The majority of the 18 employees were young and lived in different communities across the country… Anyone who searched the internet for the company would find a professional website, with information that matched what was provided in the employment contract.
In early December 2019, cybercriminals sent a phishing email to several people at the municipal office of WestLake-Gladsone, a municipality about 150 kilometers west of Winnipeg, on the southwest shore of Lake Manitoba. At least one person clicked on the link, which allowed the hackers to gain access to the municipality’s computers and bank accounts. But weeks passed and nothing happened, so the municipality did not report it to the police. It was only after the money disappeared that the municipality discovered the two incidents were connected, said Kate Halashewski, who at the time was assistant executive director of WestLake-Gladstone Municipality….
Court documents say that on December 19, 2019, a person logged into the municipality’s bank account and changed the password, along with the personal verification questions. Over the next 17 days, the attackers added the 18 “employees” who were hired as payees and began systematically making withdrawals, transferring the money to the employees’ credit cards. Dozens of withdrawals were made, totaling $472,377, according to court documents — a significant amount for a municipality with a full annual budget of $7 million.
These withdrawals were not discovered until January 6, when Halashewski saw 48 wire transfers – each less than $10,000 – go to unknown accounts… Once they completed the initial transfers and conversion, the bitcoin was sent to the private account of the scammers – who cyber security experts say probably not in canada…
The municipality eventually announced it had lost nearly half a million dollars in a press release on October 12, 2020… No arrests have been made in connection with the WestLake-Gladstone cyber attack, and RCMP say it is no longer under active investigation.