Cybersecurity and Fraud Protection
How cyber education helped stop a $5.3 million fraud attempt
Fraud awareness training for employees helped the Kentucky State Treasury thwart a sophisticated business email compromise scheme.
For years, the Kentucky State Treasury has worked closely with its JPMorgan Chase Commercial Banking relationship team to battle cybercriminals and strengthen its ability to be a watchdog for the public. The two have coordinated in-house training, reviewed Commercial Banking resources (including fraud and cybersecurity digests, infographics and emails outlining best practices) and adopted tools and procedures that stress the need to always validate the authenticity of communications and payment instructions.
That work paid off in December 2018 when the State Treasury’s team quickly stopped a $5.3 million business email compromise scheme.
“I am proud of the work Treasury staff did to thwart a $5.3 million fraud attempt on the Commonwealth,” said Allison Ball, Kentucky State Treasurer. “Ensuring that our staff stays up to date on cybersecurity training is a priority of mine. I was pleased to see it pay off as Treasury staff saved the Commonwealth from losing millions of dollars.”
Dennis Paiva, the Treasury’s Director of Accounting and Disbursements at the time, noted that the consistency and awareness of its Commercial Banking relationship team helped strengthen his own team’s cybersecurity preparedness. “This is a strong partnership and good example of a collaborative effort that led to a great outcome,” he said.
Validate, validate, validate
The attempted fraud scheme involved a wire transfer request that was sent to a member of the Treasury’s accounting team. Something about it bothered the employee. It wasn’t the type of account information that employees typically receive, and it didn’t quite pass the “smell test,” as employees described it.
The accounting team member contacted his supervisor, who recalled her cybersecurity education training: validate, validate, validate—especially when something seems off. After calling the person who reportedly submitted the wire transfer, they found that the sender didn’t know anything about the email. The supervisor shared information about the fraud attempt with the entire accounting department to help emphasize payments fraud awareness.
“I have urged all Treasury employees to act as watchdogs of taxpayer dollars,” Treasurer Ball said. “Because Treasury staff were vigilant in their efforts, they were able to immediately implement process changes to mitigate the fraud attempt.”
Prioritizing fraud awareness training for employees
The Treasurer’s relationship with JPMorgan Chase Commercial Banking began in 2011 and has focused on cybersecurity awareness, among other things. In 2017, the former Head of Commercial Banking Cybersecurity and Technology Controls reviewed best practices with Treasurer Ball, her chief of staff and members of the Treasury team to discuss cybersecurity tools and controls. In addition, the Commercial Banking relationship team—which at the time comprised Greg Mullins, Eileen Roberts, Celia Campbell, Karl Lamar and Rob Ferguson—reinforced the message in their regular touchpoint meetings.
“It’s been a constant theme in all our meetings,” Mullins, Vice President, Government Banking, said. “We always tell clients to stay vigilant, be aware and remember that you never know when criminals may launch an attack, so it’s critical to be prepared.”
Leveraging cyber solutions and controls
The Treasurer’s office uses Commercial Banking tools and procedures to strengthen its own controls, and now works with other departments in the state to share best practices. Its staff has credited the JPMorgan Chase team for their continuous efforts to warn clients about cyber schemes and payments fraud threats.
“The training and awareness they provided was a big part of mitigating the threat and turning this situation into a success story for the Kentucky State Treasury,” Paiva said.
Roberts, Managing Director, Government Banking, noted that the timing of the attempt showed the level of sophistication involved. The attempt occurred at a time when employees were more likely to be handling payments requests for colleagues who may be on vacation.
“Commercial Banking sends cybersecurity reminders several times a year regarding different fraud schemes, and we publish materials regularly that outline cybersecurity awareness and fraud-prevention practices,” Roberts said. “We were very pleased that our work with the Treasurer’s office helped them stop this scheme and protect the Commonwealth’s taxpayers.”
© 2022 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase Bank, N.A. Member FDIC. Visit jpmorgan.com/cb-disclaimer for disclosures and disclaimers related to this content.