Coastal Carolina University is working with multiple law enforcement authorities to investigate two phishing scams that have impacted University finances. The University notified its Department of Public Safety and subsequently the South Carolina Law Enforcement Division (SLED) and federal law enforcement agencies immediately upon learning of individuals impersonating vendors who contract with CCU. Based on the investigation, which is ongoing, the fraudsters appear to be highly skilled and organized in the U.S. and other countries abroad.

"We want for the community, other organizations and businesses to be aware this occurred so they can shield themselves against this kind of fraud," said David A. DeCenzo, president of Coastal Carolina University.

The first incident occurred on Dec. 9, 2016. An individual who claimed to represent a company under contract with the University contacted CCU financial services via email and requested to change the company's bank account information.

Fraudsters provided what appeared to be official documents that included the company's logo, tax ID numbers and names of company officials. A University employee checked the information and then fulfilled the request.

The University notified the company that payment of an invoice was being processed on Dec. 13. A theft of approximately $839,000 was discovered on Dec. 20 when the company notified the University that the funds did not arrive in the company's bank account.

The University immediately contacted its bank to stop payment and start the process of recovering the funds. The University also immediately launched an investigation through its Department of Public Safety, which enlisted the assistance of SLED and federal authorities. These law enforcement agencies focused on reversing the transfers, which has resulted in the recovery of more than $564,000 thus far. Efforts to recover funds are ongoing.

"Thanks to quick action and the 'kill chain' process initiated by federal authorities, a significant amount of funds are being recovered," said David Roper, chief of the CCU Department of Public Safety. The "kill chain" is a tool federal authorities use to freeze funds, following assets bank-to-bank. This gives the wire fraud victim an opportunity to involve law enforcement so an investigation can be launched and funds can be recovered.

The University brought in external auditors on Dec. 20 to investigate and to review finance control procedures and policies. CCU also made an immediate change in procedures requiring that an additional reviewer examine all requests for modification of bank account information.

A second incident was discovered of a similar nature occurring in the same time frame in which $340,000 was stolen. The investigation continues involving multiple law enforcement agencies.

The University is taking appropriate corrective measures, changing necessary processes and initiating additional cybercrime safeguards to ensure this kind of incident does not occur again.

"No state appropriations or tuition funds will be used to cover the net loss to the University," DeCenzo said. "We understand the enormous responsibility we have to protect the University and its financial integrity. I am committed to working closely with law enforcement agencies as these crimes are investigated to the fullest degree. We will do everything in our power to resolve this very unfortunate circumstance so that CCU can move forward stronger than ever."

###

Note: This is an ongoing investigation; no other facts or details regarding this incident can be shared at this time.