City of Naples details how they were bilked out of $700K in “spear-phishing” attack
The City of Naples is calling a cyberattack suffered by the City a sophisticated and targeted “spear-phishing” strategy.
Spear-phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted source.
The City says this attack was limited to a vendor relationship the City of Naples has
with Wright Construction Group for the 8th Street South renovation.
The work tasked to Wright Construction was underground wastewater, potable water and stormwater utilities improvements. The funds were paid to a fake bank account the attacker provided while posing as a representative from the Wright Construction Group.
City Manager Charles T. Chapman IV said, “The City’s data systems are safe and secure. This attack was not malware or ransomware, no data breach occurred. The City has and will continue to make improvements to our information technology systems.”
The City has paid Wright Construction for the work performed and filed a claim with their insurance carriers and banking institutions.
Chapman says the City is continuing to work with law enforcement to complete a thorough criminal investigation into the attack.