CONWAY, SC (WMBF) – An international phishing scam impacted Coastal Carolina University's finances, resulting in the theft of over $1 million from the campus.
According to a press release, university officials notified its Department of Public Safety, the South Carolina Law Enforcement Division and federal law enforcement agencies immediately upon learning of individuals impersonating vendors who contract with CCU.
The first incident occurred on Dec. 9, 2016, when a person who claimed to represent a company under contract with the university contacted CCU's financial services via email and requested to change the company's bank account information.
According to the release, fraudsters provided what appeared to be official documents that included the company's logo, tax ID numbers and names of company officials. A university employee checked the information and then fulfilled the request.
The university notified the company that payment of an invoice was being processed on Dec. 13. A theft of approximately $839,000 was discovered on Dec. 20, when the company notified the university that the funds did not arrive in the company's bank account, the release stated.
CCU's bank was contacted and told to stop payment and start the process of recovering the funds. After law enforcement got involved, they focused on reversing the transfers, which has resulted in the recovery of more than $564,000 thus far, the release stated.
"Thanks to quick action and the 'kill chain' process initiated by federal authorities, a significant amount of funds are being recovered," said David Roper, chief of the CCU Department of Public Safety.
The "kill chain" is a tool federal authorities use to freeze funds, following assets bank-to-bank, according to the release. This gives the wire fraud victim an opportunity to involve law enforcement so an investigation can be launched and funds can be recovered.
The university brought in external auditors on Dec. 20 to investigate and to review finance control procedures and policies, the release stated. CCU also made an immediate change in procedures requiring that an additional reviewer examine all requests for modification of bank account information.
According to the press release, a second incident was discovered of a similar nature occurring in the same time frame. In this instance, $340,000 was reportedly stolen. The investigation continues involving multiple law enforcement agencies.
"No state appropriations or tuition funds will be used to cover the net loss to the university," said CCU President Dr. David DeCenzo. "We understand the enormous responsibility we have to protect the university and its financial integrity. I am committed to working closely with law enforcement agencies as these crimes are investigated to the fullest degree. We will do everything in our power to resolve this very unfortunate circumstance so that CCU can move forward stronger than ever."