Please read: Scam targets school districts’ direct payroll deposits
The Auditor of State's Office has received information that, over the last few weeks, several Ohio school districts have been victims of an email scam sometimes referred to as “CEO Fraud.” This targeted spear phishing attack uses familiarity to trick individuals into taking an action.
Each of the instances reported to the Auditor of State’s Office involves a cybercriminal impersonating the superintendent or a principal of a school district. In each case, an email was sent to a payroll department employee asking that a change be made to the bank account linked to the superintendent's or principal's direct deposit. The payroll deposit then is directed to the criminal. The scam is identified only after the impersonated employee realizes he or she did not get paid. These scams are especially effective because the staff member involved believes he or she is dealing directly with a district or school official who has the authority to make such a request.
The Auditor of State’s Office encourages districts to educate their staffs on this type of scam and be on the lookout for any such activity. The state auditor also encourages districts to:
- Examine the procedures in place for making changes to an employee's payroll bank account; and
- Consider taking verification steps outside of the email system before making such a change.
First and foremost, report all scams to the local police department and the FBI. If a district or school loses cash or assets because of such a scam, officials also should contact Ohio’s Fraud Hotline at (866) FRAUD-OH.