Sunday, November 10, 2019

Cyber Scam Questions: Why didn't anyone tell the Town Manager?

Norwich Town Manager Herb Durfee at recent Selectboard meeting. Source: CATV screen shot. 


One of a series of posts raising questions that occurred to me in reading the Burgess Report, the Selectboard commissioned report investigating the business email compromise (BEC) scam that saw $250,000 stolen from the Town. CAVEAT: Hindsight is 20/20.
----------------------------------------------------
First, a brief recap. In response to urgent emails purporting to be from the Town Manager, Finance Director Donna Flies, two months on the job, made ACH (electronic) payments on the following dates and in the amounts indicated: August 6 for $35,820; August 12 for $38,740; August 19 for $88,680; and August 23, 2019 for $86,480. The recipient was Donald S. Jefford, Jr.  The payments were all fraudulent, part of a cyber scam.
The Finance Director knew each transfer violated a Selectboard policy requiring Board approval for the payments but said she took her orders from the Town Manager.
Even though several Town officials had concerns, Town Manager Herb Durfee was not informed about any problematic payments until the Selectboard met in executive session on August 28.

Why didn't the Finance Director ask the Town Manager about the payment requests?

Town Manager Durfee was away on vacation at the time of the first email but was back in the office on August 12.  Yet, the Finance Director never talked with him about the transfers. "[W]hen Flies made the last three payments to Jefford, she never discussed, nor mentioned anything to Durfee about the payments, the lack of invoices, the lack of purchase orders, or lack of Board approval," states the Burgess Report, observing that "regular personal interactions occurred between them daily."

An evil Town Manager could have embezzled a million dollars, seemingly without a peep from this Finance Director.  Was the Finance Director in on the scam? The Burgess Report says that she "believed that the emails were actually from her boss."

What about other Town officials?

By August 18, the day before the third transfer, five town officials, in addition to the Finance Director, knew that one ACH payment had been made in direct violation of Selectboard policy, according to the Burgess Report. These officials were the Town Treasurer, three Selectboard members including the Chair and Vice-Chair, and the Finance Committee Chair.

At that point, the Finance Director was on record as saying she would ignore Selectboard financial policies if the Town Manager told her to make a payment.

In addition, Jefford was not a familiar vendor. Neither the Selectboard Vice-Chair nor Treasurer "knew who Jefford was," says the Burgess Report. On August 16, while on the phone together, "both did a Google search, with no results."

The Treasurer was worried about embezzlement. Although concerned about the violation in policy, the Selectboard Chair, who was away on vacation and had talked with the Treasurer by phone, was "not concerned about embezzlement," says the Burgess Report. A cyber scam was not on anyone's mind. It was decided that the matter could wait until the Selectboard meeting on August 28.

Apparently, the Treasurer was reluctant to talk to the Town Manager by herself. The Burgess Report says the two do not have a good relationship.

Had someone talked to the Town Manager anytime before August 19, over $173,000 in financial loss could have been avoided. By August 23, about $86,000.

The Burgess Report's finding is that it "appears" that Town officials responded appropriately "based on the facts of what people knew, at the time they knew it."

At the Selectboard meeting on the 28th, the Town Manager learned of the embezzlement concerns and about Comerica Bank flagging as suspicious two payments from the Town.

However, the cyber scam implications only became clear after three officials met with the Finance Director the next morning. "[W]hen they first looked at the emails they knew it was a scam," says the Burgess Report. Later that day, the Finance Director received another email from the fraudster asking for two more payments be sent to Jefford that day. She did not reply.

==================

Originally posted on HereCast on 11.02.19.  Contact me at: norwichobserver@gmail.com

No comments:

Post a Comment