Phisher gets W-2s from BRF, tries at Alma Center

Phisher gets W-2s from BRF, tries at Alma Center

  • 0

On Thursday, Jan. 18 the BRF school district was hit with a phishing scandal, sending all staff W-2s to an unknown source.

Phishing is the act of emailing someone with the intention of getting vital information from them including social security numbers, bank accounts and, in this case, W-2s.

“One of our staff members received an email that appeared like it was sent by Jill Collins, who is our director of business services,” said Shelly Severson, superintendent for the Black River Falls School District. “It requested a pdf file of all the employee W-2 information for the year 2016.”

The employee at BRF continued to have email conversations with who he/she thought was Collins and in the end complied with the request.

Severson also noted that both herself and Collins were in Milwaukee for a school board convention. Severson feels this also had a hand in the W-2s being sent since the entire email conversation would have been eliminated if they had been present to answer the questions. Severson noted that she knows of two other schools that had this happen during this specific week.

Severson is working on next steps to help mediate this situation, including working with their insurance provider to activate financial protection and credit monitoring for all staff.

“Each one of our employees has now received a unique code that they will create a CyberScout, that’s the name of a third party our insurance carrier works with,” said Severson. “They will monitor their [BRF staff] credit for 24 months, which means anytime there is any kind of inquiry into their credit, they will be notified.”

The insurance provider for BRF is also working with the district to provide special services to help answer questions and mediate any issues that staff may have related to this attack.

While the current, full-time staff, were much easier for the district to contact, their challenge was the people that work for them part time as well as those that no longer work for the district.

“We have a lot of people that work with us on an intermittent basis. For example, we have a lot of college students who work on a summer maintenance crew, we have coaches who have regular, full-time jobs, but they work for us in a coaching capacity and people who worked here last year, but no longer work for us,” said Severson explaining the many different pockets of staff the district employs.

The BRF school district has officially notified everyone that had their W-2s sent to the attackers and are in conversations with the FBI about the situation.

“Because of the information that was fraudulently taken, the criminals have the information to file a fraudulent tax return,” said Severson. “When we talked to the FBI, they said that these people who do this have many phishing scams going at a time and he said it is usually not worth their time to try to file somebody’s taxes. They will typically take an interest in somebody to directly wire them money.”

BRF wasn’t the only district that was hit by the email though, as Paul Fischer, the superintendent for Alma Center-Humbird-Merrillan School District, stated they also received a similar email.

“Ironically we did get the email, but fortunately for us it was delivered to the wrong inbox in the sense that it didn’t go to our business department,” said Fischer. “Knowing that I have an Android and not an iPhone, they said this didn’t look quite right.”

The Alma Center-Humbird-Merrillan School District did send the email to the Jackson County Sheriff’s department for further investigation.

The Melrose-Mindoro and Blair-Taylor school districts both said they were not attacked, but that they have taken notice of this situation and are working on beefing up their own policies and procedures to ensure this doesn’t happen to them.

While the BRF school district has been hurt by this attack, Severson is doing everything she can to make up for this breach of privacy.

“We are incredibly hurt that this happened to so many people in our community that are affiliated with the district. We very much value the relationships that we have with everyone who works with us and for us,” said Severson. “It is a crime and we are all part of this together, so we will continue to work with the authorities.”


Be the first to know

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

Related to this story

Get up-to-the-minute news sent straight to your device.


News Alerts

Breaking News