Skip to main content

NC County Hit by Phishing Attack

By March 24, 2022No Comments
NC County Hit by Phishing Attack

Recently, a rural NC county was hit with a string of phishing email attempts, one of which was successful resulting in $4,000,000 in losses.

Phishing is a cyber attack of sending fraudulent communications that appear to come from a reputable source. We want to explain a few key parts to help you address internal controls:

  • The phishing attacks used either assumed or prior knowledge that a government construction contractor was commonly paid by wire transfer and ACH payment.
  • The phishing attacks were repetitive not complicated.
  • The phishing attacks were successful through a single employee not following verification protocols to vendor account information.


While cyber insurance can respond to losses of this nature – the policy payout is often sub-limited outside of the total policy limit, excluded completely by policy form, or require proper internal accounting controls to respond to a loss.

Learn more about best practices and cyber insurance.

Learn more about this particular phishing incident.