The Lincoln Project, a political action committee known for its anti-Trump stance, was recently scammed out of $35,000 due to a business email compromise (BEC) attack. This incident occurred in February when hackers gained access to the email account of a vendor used by the Lincoln Project. They then sent fake invoices that appeared legitimate from the vendor’s compromised account, leading to the Lincoln Project inadvertently making two fraudulent payments. These transactions, one for $20,000 and another for $15,000, were later reported to the Federal Election Commission as fraudulent and are currently under dispute.
Spokesman Greg Minchak detailed the incident, describing it as a classic case of BEC, where cybercriminals hack into email accounts to conduct fraud by impersonating trusted vendors. This specific attack not only targeted the Lincoln Project but also affected multiple clients of the hacked vendor. Minchak emphasized that the fraudulent transactions were executed from the vendor’s legitimate email account, which added a layer of deceit making the requests for payment seem all the more authentic.
In response to the financial loss, the Lincoln Project has taken a step back, allowing the vendor alongside their bank’s fraud department to lead the investigation into the breach. They have chosen not to comment further on the incident when approached by media. This approach indicates the organization’s strategy to focus on their core political activities, asserting that the incident did not materially impact their operations or their ongoing political efforts.
This incident is part of a larger trend of BEC scams that have become increasingly prevalent. In 2023, the FBI reported over 21,000 complaints about BEC incidents with adjusted losses amounting to $2.9 billion. This highlights the growing challenge that organizations face in protecting their financial transactions and sensitive communications from sophisticated cyber-attacks. The Lincoln Project’s experience serves as a cautionary tale to other organizations on the vulnerability of email communications and the importance of robust cybersecurity measures.
