Fraudsters Need To Retire Too!

Male hands counting dollars, black salary, money laundering, illegal business, stock footage

When Quincy Retirement Board Executive Director Lisa McBirney announced in late 2020 she would leave her job as the end of that year she asked all essential parties involved with the Quincy Retirement Fund to make necessary changes for the transfer of responsibility. But apparently no one did that and now the city’s information technology department, retirement board and a manager for Aberdeen Standard Investments have all been blamed for the $3.5 million theft from Quincy’s pension system.

The theft originated on February 18, 2021, months after McBirney left her role, when someone used her still-active email address to send a request to Aberdeen Standard Investment to pull some funds, explaining that the Quincy pension systems “needed some liquidity for investments purposes “. In reality, that investment went right into the fraudsters own pension plan! The Aberdeen representative and the fraudster exchanged several follow-up emails that resulted in the investment manager agreeing to process a $3.5 million fraudulent transfer to an overseas account in Hong Kong. Maybe ask why not a bank in Quincy next time?

The Quincy Retirement Board did not review the trade confirmation notice that Aberdeen sent on April 5, 2021, until October 25, 2021- three days after the city of Quincy notified the state commission that it had discovered the unauthorized transfer by Aberdeen. That gave our fraudster eight months to slowly disappear.

Who is to blame? This is not a trick question! All parties involved could have taken basic steps to prevent the fraud, to detect it sooner. Following city issued policy, the retirement board left McBirney’s email address active after she left to ensure remaining staff could access necessary information, despite industry practices calling for deactivating the accounts of departed employees.  The board also did not update its list of authorized signers- those who can approve transactions- for several months after McBirney left. And none of the banks appeared to be using multifactor authentication software, probably the simplest way to bolster any organizations resilience against fraud and risk.

Kudos to McBirney for leading by example. She seems to be the only one who did her job.

Today’s Fraud of the Day is based on an article “Cybertheft Drained $3.5M From Quincy Retiree Fund” published NBC News Boston on October 20, 2022

The retirement board for thousands of Quincy, Massachusetts, city employees, its investment partners and a bank all missed multiple warning signs or precautionary steps that could have prevented a bad actor from fraudulently transferring millions of dollars overseas, investigators concluded in a report that underlines the cybersecurity risks hanging over the public sector.

Months after the Quincy Retirement Board’s executive director left her role, someone used her still-active work email address in February 2021 to request and execute a $3.5 million transaction from investment manager Aberdeen.

Previous article[SPECIAL SERIES: FRAUD WEEK] Uncover Real World Frontline Digital Identity Threats & Trends Happening Now
Next articleA Right To Be Heard

Larry Benson, Senior Director of Strategic Alliances, LexisNexis Risk Solutions - Government

Larry Benson is responsible for developing strategic partnerships and solutions for the government vertical. His expertise focuses on how government programs are defrauded by criminal groups, and the approaches necessary to prevent them from succeeding.

Mr. Benson has 30 years of experience in sales and business development. Before joining LexisNexis® Risk Solutions, he spent 12 years founding and managing two software technology startups. During the 1990s he spent 10 years as a Regional Director helping to grow a New England-based technology company from 300 employees to 7,000. He started his career with Martin Marietta Aerospace working on laser guided weapons and day/night vision systems.

A sought-after speaker and accomplished writer, Mr. Benson is the principal author of “Fraud of the Day,” a website dedicated to educating government officials about how criminals are defrauding government programs. He has co-authored WTF? Where’s the Fraud? How to Unmask and Stop Identity Fraud’s Drain on Our Government, and Data Personified, How Fraud is Changing the Meaning of Identity.

Benson holds a Bachelor of Science in Physics from Albright College, and earned two graduate degrees – a Master of Business Administration from Florida Institute of Technology, and a Master of Science in Engineering from Lehigh University.