Puerto Rican government hit by phishing scheme

Featured image

Share this article

phishing hook keyboard illustration

Four Puerto Rican government agencies fell victim to a phishing scheme in January 2020, sending millions of public pension fund dollars to cybercriminals within a short stretch of time.

Thankfully, officials unearthed the scam soon after the transfers occurred; unfortunately, only part of the money transmitted was recovered by authorities.

How could this happen?

The phishing scheme began when a hacker(s) breached an employee’s computer at Puerto Rico’s Employment Retirement System in December 2019.

Personnel of Puerto Rico’s Industrial Development Company then received a falsified email informing them of a change to a banking account tied to remittance payments and responded by sending $2.6 million to the fraudulent account January 17.

A similar scheme simultaneously occurred with Puerto Rico’s Commerce and Export Company who sent the cybercriminal(s) $63,000.

RELATED: HIPAA Compliant Email

Puerto Rico’s Tourism Company sent $1.5 million.

In total, the well-coordinated online scam stole over $4 million.

Officials discovered the problem when someone at the retirement agency asked why it had not received its payments.

As of today, authorities have frozen only $2.9 million of the total sent.

Officials are unfortunately still unsure what personally identifiable information the hacker(s) stole, which could have dire, lasting consequences.

Ongoing investigations by the Federal Bureau of Investigation (FBI) and various departments of the Puerto Rican government attempt to understand how this could happen and by who.

Phishing schemes are ever-present and damaging

According to the FBI’s recently released 2019 Internet Crime Report, phishing and related scams remain a top complaint.

In fact, of the 467,361 complaints, 114,702 victims reported phishing and related schemes.

Business email compromise cost victims $1.7 billion.

The total lost by all complainants exceeded $3.5 billion and have grown in the last 5 years.

In 2015, $1.1 billion was lost; in 2018, $2.7 billion.

Such increases, along with the proliferation of advanced, well-coordinated attacks, demonstrate the importance of and need for strong cybersecurity.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022