The city's cyber liability insurance carrier, Tokio Marine HCC, covered the payment, leaving the city to pay its $10,000 deductible.
"We continue to be proactive in our efforts to protect the city from cyber fraud, phishing and other scams," City Administrator Bob Vitas said in a news release. "Protecting taxpayer money is of paramount importance to all who work for the city."
Vitas said in November that the city "maintains liability insurance policies that protect the city against ransomware attacks, wire fraud attacks and other forms of cyber-attacks."
The thefts occurred when the city sent two fraudulent wire transfers on Dec. 16 and Dec. 30, 2020. The theft was discovered when a longtime vendor called the city and said it had not been paid and was confused since the city normally paid invoices right away.
The Moline Police Department was notified on or before Jan. 12, 2021, and an investigation was opened. Through the assistance of the FBI and U.S. Secret Service, $6,355 was recovered.
Moline has since reviewed all of its internal control policies with the assistance of auditors and established several new protocols.
One such practice is conducted by the Information Technology Department, which sends fake phishing emails monthly to employees. If a phishing email is opened, the employee is provided additional training on recognizing phishing attempts.
© 2022 Moline Dispatch and Rock Island Argus, Ill. Distributed by Tribune Content Agency, LLC.
