City treasurer tricked into wiring $100K US to fraudster

CBC

Updated April 8, 2019 at 1:44 p.m.

City treasurer Marian Simulik fell for a "fake CEO scam" and wired more than $100,000 to a fraudster last summer, according to a startling report from Ottawa's audit general released Monday afternoon.

Many people receive suspicious emails asking for money, a practice known as phishing. But the scam perpetrated on Simulik is known as "whaling" because it targets big fish, like CEOs and chief financial officers.

And that's what happen to Simulik on July 6, when she received an email that appeared to come from city manager Steve Kanellakos, asking her to pay a city supplier $97,797.20 US, currently worth about $130,000 Cdn.

She searched the Internet for the IT supplier and assumed the payment has something to do with an overhaul of the ottawa.ca website.

After a few back-and-forth emails with the fake city manager, Simulik sent the requested amount off to a U.S. bank account.

The entire transaction took about four hours, from 10:30 a.m to 2:30 p.m.

The email should have raised suspicion. The auditor said that neither the current, nor the past city manager can recall a single instance in which he had emailed Simulik to wire money to a supplier. As well, one of the emails from the fake city manager said he didn't want the treasurer "discussing it with anybody in the office, any questions please email me."

After the money was wired to the U.S., the fraudster it from the one U.S. bank account to another. It turns out that second U.S. account was being monitored by the U.S. secret service, which let the City of Ottawa know on Aug. 3 that it had been the subject of a fraud scheme.

The fraud is not before the courts, and it appears some of the money lost through the fraud may be recovered.

Emotional statement

Despite senior staff and coucillors going to great lengths to point out how respected Simulik is in her field and at the city, the treasurer is embarrassed by the incident.

She made a brief, emotional statement to the committee, in which she said she has prided herself "for responsible and professional stewardship of taxpayers' money for the last 28 years.

"That I should be the target and victim of this sophisticated attack has affected me deeply both professionally and personally," she said.

Local police didn't investigate

Simulik had also discovered the fraud.

A few days after transferring the $100,000, she received another request — again, appearing to come from Kanellakos — for another $150,000 to the same supplier. But this email arrived during the July 11 council meeting, so Simulik asked the real Kanellakos about the request. Of course, he didn't know what she was talking about.

The treasurer reported the problem immediately, the committee heard. The auditor general began an internal investigation into the matter the next day, and the Ottawa police was notified.

However, according to the audit report, local police did little to investigate the matter, even though the treasurer was still in contact with the fraudster.

The officer assigned to the case "advised that he did not have any cyber-security experience" states the report. The city's technology security was told by police that as the wire transfer had been completed, there was nothing they could do.

When asked by CBC about the case, an Ottawa police spokesperson said the fraud "was considered a 'business email compromised' case and there was insufficient evidence to identify a suspect. As such, the Ottawa Police investigation was closed."

Councillors kept in dark

Hughes also revealed that the treasurer's office had already been the target of another whaling attempt in the spring of 2018. In that incident, an email that looked to be from the CEO of the Ottawa Public Library requested a wire transfer from the deputy treasurer.

But when treasury staff asked for more information from library staff, they realized the email was a fake. However, the incident was not reported to the city's technology security folks or to the auditor general

Some councillors wanted to know why they were only hearing about these incidents almost a year after they occurred.

However, the auditor general said he could not make public his investigation while it was still on-going. And it was difficult for senior staff to speak with councillors about it, because the auditor had to investigate whether Simulik and Kanellakos were in any way colluding to defraud the city. Neither has been implicated in any way.

Some measures already taken

The city has since taken measures to avoid such phishing scams, including automatic warnings when emails come from an external source. As well, no employee now has the ability to both create and approve a wire transfer.

The city is also working on a mandatory cyber-awareness training for city staff.

The Daily Beast
Biden Camp Has a Field Day With Wobbly Trump at Podium
XThe Biden campaign gleefully turned one of Donald Trump’s favorite digs against him on Saturday, branding the 78-year-old candidate as woefully geriatric in response to his embarrassing stumble at a Minnesota rally on Friday.Video from the event shared by Biden-Harris HQ on X showed Trump grabbing the lectern during his remarks on stage, after nearly toppling the podium over.A feeble Trump nearly falls down on stage after he leans on his podium too hard and then goes on an angry rant calling hi
TVLine.com
Alice Stewart, CNN Political Commentator, Dead at 58
Alice Stewart, the longtime political reporter and CNN commentator, has died. She was 58. Law enforcement confirmed the news to CNN on Saturday, saying Stewart’s body was found outside in northern Virginia earlier that morning. According to CNN, officers believe her death was the result of a medical emergency and no foul play is suspected. “My …
People
Barron Trump, 18, Graduates High School with Parents in Attendance: Photos
The Associated Press caught a glimpse of the event on Friday, which saw Donald and Melania Trump sitting front row in the audience
Snopes
Fact Check: 1938 Video Clip Allegedly Shows Female 'Time Traveler' Talking on Cellphone Before the Technology Existed
The footage was allegedly captured outside a Dupont Factory in Massachusetts in 1938.
CBC
Calgary lawyer resigns from firm after sending 'disturbing' and 'misogynistic' email
WARNING: This article contains graphic content, including sexualized and vulgar language.A Calgary lawyer has resigned after sending an email described by his firm as "deeply disturbing" in which he twice refers to women as "a person with a vagina" and repeatedly mocks transgender people.Rob Rakochey, who was awarded a King's counsel (KC) title in March in recognition of his contributions to the legal community, resigned this week from his partnership at Field Law, the firm confirmed Thursday.A
Hello!
Anya Taylor-Joy just wore four belts as a mini skirt and effortlessly pulled it off
The mini skirt in question is exactly how it sounds. See photos
CNN
He had strict instructions from the groom: ‘Stay away from the bridesmaid.’ Here’s what happened next
Ariff Hassan and Liliya Dauletaliyeva crossed paths at a wedding and couldn’t ignore their chemistry. They both flew across the world to continue their connection.
The Daily Beast
Trump Ends NRA Speech With ‘Horror’ Warning Set to Dramatic QAnon Music
Justin Sullivan/Getty ImagesDonald Trump followed up his endorsement by the National Rifle Association on Saturday with a speech stoking fears of the government under Joe Biden “coming for your guns” and a bizarre monologue set to dramatic music resembling a song favored by QAnon.Addressing thousands of members of the NRA at their annual meeting in Texas, the former president stuck to his usual talking points, hailing the reversal of Roe v. Wade as an “amazing thing,” comparing himself to Al Cap
HuffPost
OUCH! Desi Lydic Tells Trump How 'Everyone' Around Him Really Feels
The "Daily Show" correspondent hit the former president with a blunt reality check.
Self
My Husband Was Diagnosed With Dementia at 36. Here’s How I First Knew Something Was Wrong
What I saw wasn’t normal behavior for anyone, let alone my brilliant, amazing spouse.
United Press International
Rudy Giuliani served notice of Aziz. indictment during birthday party
Rudy Giuliani's 80th birthday party in Florida was interrupted when the former New York City mayor was served with a notice of indictment in an alleged plot to overturn the results of the 2020 election in Arizona.
INSIDER
Here's how the Trump family spends their billions, from a $11 million beachfront estate in St. Martin to a $15 million fleet of private aircraft
Former President Trump, the presumptive Republican presidential nominee, has a net worth of $7.5 billion, according to a May 2024 Forbes estimate.
CNN
PGA Championship: Fan strips down to retrieve golfer Adam Hadwin’s club from water
On any other afternoon at any other tournament, Adam Hadwin’s seventh hole would have served up the most surreal scenes of the day. During the second round of the PGA Championship though, it was just another hole.
People
“SI Swimsuit ”Model Lauren Chan 1 Year After History-Making Rookie Debut: 'I've Come Into My Own' (Exclusive)
One year after Chan's 'Sports Illustrated Swimsuit' debut, the model opened up to PEOPLE about the sources of her confidence
CBC
3 teen girls expected to plead guilty in swarming death of Kenneth Lee in Toronto, court hears
Three teenage girls are expected to plead guilty in the swarming death of Kenneth Lee near Union Station in December 2022, court heard Friday.The girls, aged 13, 13, and 14, appeared in provincial court in Toronto.Three other girls, aged 15, 16, and 16, are expected to plead not guilty, court heard. Eight teenage girls were initially charged with second-degree murder in connection with Lee's death. They range in age from 13 to 16 years old. Lee, 59, was pronounced dead in hospital on Dec. 18, af
BuzzFeed
After Harrison Butker's Commencement Speech, Women Are Flooding The Kansas City Chiefs' Instagram Account With Sarcastic "Womanly Duties" Comments You Have To See For Yourself
"I hope I can see the TV from the kitchen."
InStyle
Dua Lipa's Sheer Dress and Visible Thong Brought the Naked Dress Trend to the ACM Awards
Falling forever for this gown.
The Daily Beast
Reporter Puts Trump on the Spot Over His 2020 Vow on Minnesota
KSTPIn an interview with a St. Paul, Minnesota reporter that aired a few days before his scheduled appearance Friday at the state GOP Lincoln Day fundraising dinner, former President Donald Trump denied saying that he wouldn’t return to the Midwest state if he lost it in 2020—but the local ABC affiliate brought the receipts to prove otherwise.KSTP reporter Tom Hauser spoke with Trump over a video call conducted Tuesday before the indicted ex-president went to court to hear testimony from his for
The Independent
Greene called ‘bleach blonde bad-built butch body’ in House screaming match where ‘drinking was involved’
Both Republicans and Democrats said on Friday drinking was taking place
The Daily Beast
Russians Plunged into Darkness After Monster Drone Attack
Valentyn Ogirenko/ReutersUkraine launched a massive drone attack against military and energy facilities in Russia and the occupied peninsula Crimea overnight, with Moscow saying Friday that over 100 unmanned weapons had been involved in the operation.The Russian Defense Ministry claimed its forces had intercepted and destroyed 102 UAVs over four different regions while another six drone boats were taken out in the Black Sea. While the ministry did not reveal the extent of the damage from the att

Latest Stories