Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Fraudster Stole Millions From Baltimore

September 1, 2025
Reading Time: 3 mins read
in Incidents
MathWorks Confirms Cyberattack Data Stolen

A sophisticated scammer exploited vulnerabilities within Baltimore’s Department of Accounts Payable (AP) to steal more than $1.5 million, marking the third such incident in the city since 2019. By posing as a legitimate vendor, the fraudster manipulated city staff into redirecting two large payments—totaling $1,524,621.04—into a fraudulent bank account. This incident serves as a stark reminder of the financial risks posed by weak internal controls and a failure to implement robust fraud prevention protocols.

The scheme began in December 2024 when the fraudster, using a spoofed email, gained access to the vendor’s Workday account. Posing as an employee of the vendor, the scammer submitted a fraudulent supplier form to the city’s AP department. An AP employee, without proper verification, approved the form despite having incorrect details. This initial breach set the stage for the rest of the scam. Over the next month, the fraudster repeatedly attempted to change the vendor’s bank details, even submitting a fake voided check in a persistent effort to reroute payments.

The scam culminated in February and March 2025 with two successful fraudulent payments. The first payment of $803,384.44 and a second one for $721,236.60 were both completed via Electronic Funds Transfer (EFT) to the scammer’s account. This was only possible because a second set of AP employees approved the fraudulent bank change request without verifying the accompanying documentation. While the city was able to recover the smaller payment, the larger one remains unrecovered, forcing the city to file an insurance claim and re-issue the payments to the legitimate vendor.

According to Inspector General Isabel Mercedes Cumming, the primary cause of this fraud was the accounts payable department’s systemic lack of safeguards. The investigation revealed a critical failure to verify supplier information and a broader pattern of neglecting to adopt corrective measures following prior fraud cases. This institutional oversight created an environment ripe for exploitation and left the city’s finances exposed to this type of attack.

This latest incident is part of a troubling trend. Baltimore has now been a victim of at least two other similar vendor scams: a $62,000 loss in 2019 and a $376,000 loss in 2022. All three cases involved a scammer tricking city staff into changing vendor bank details. The repeated nature of these attacks underscores the urgent need for the city to overhaul its financial security protocols and implement rigorous verification processes to prevent future financial losses.

Reference:

  • Fraudster Stole Over 1.5 Million Dollars From City Of Baltimore
Tags: cyber incidentsCyber Incidents 2025Cyber threatsSeptember 2025
ADVERTISEMENT

Related Posts

Sitecore Exploit Chain Warning

Lotte Card Cyberattack Reported

September 2, 2025
Sitecore Exploit Chain Warning

Zscaler Data Breach Exposes Info

September 2, 2025
Sitecore Exploit Chain Warning

Von Der Leyen Plane GPS Jamming

September 2, 2025
MathWorks Confirms Cyberattack Data Stolen

MathWorks Confirms Cyberattack Data Stolen

September 1, 2025
MathWorks Confirms Cyberattack Data Stolen

Google Warns Salesloft Breach Hit Accounts

September 1, 2025
Swedish Towns Hit By Ransomware Attack

Nevada Closes Offices After Cyberattack

August 28, 2025

Latest Alerts

High Risk SQLi In WordPress Plugin

AI Weaponized Nx Supply Chain Attack

Sitecore Exploit Chain Warning

Brokewell Android Malware In Fake Ads

North Korea APT37 Uses RokRAT In Phishing

New Zero Click Exploit Targets WhatsApp

Subscribe to our newsletter

    Latest Incidents

    Lotte Card Cyberattack Reported

    Von Der Leyen Plane GPS Jamming

    Zscaler Data Breach Exposes Info

    Google Warns Salesloft Breach Hit Accounts

    Fraudster Stole Millions From Baltimore

    MathWorks Confirms Cyberattack Data Stolen

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial