“Previously, it was typical for company employees to communicate by email and to make transfers of funds — even overseas,” Troy Police Sgt. Meghan Lehman said. “But in this case, someone hacked the account of the sender requesting the funds. And then was days later before anyone questioned the transaction and learned they had been hacked.”
Calls to the company were not returned Tuesday.
Lehman said the company has since reported the theft to its insurer and has changed internal policies, including doing business by email.
She said it is something authorities try to impress on residents faced with making decisions regarding much smaller amounts of funds.
“We warn residents all the time not to trust emails from strangers asking for any sums of money,” Lehman said. “Here, it was believed to be a trusted email from a trusted source.
“Considering the size of the transaction, a phone call might have been in order to verify the request. I would advised anyone, even if they believe they know the sender, to check by phone before ever making a financial transaction.” MORE