[SchoolFinance] Infinite Vision (School ERP Pro) Employee Portal Fraud

Tracy Wilson twilson at rsu10.org
Tue Jul 29 11:26:21 EDT 2025 

I wanted to put this out there to warn other districts about what has been
happening with our employee portal and direct deposits and to also see if
it has been happening in your district.

A scammer is hacking into our employees district gmail accounts, going into
their employee portal and changing their direct deposit.  I then go in and
check the routing numbers and approve it.  The employee gets an email
stating that their changes have been approved.

The problem is the scammer gets these emails and deletes them in real
time.  The scammer will also use the employees account to email us back.
There is no way for us to know that the employee is not the one emailing us
as it is truly the employees account.

The receiving financial institution will not give us any information about
the account whatsoever (we can't even report the account as fraudulent).
We have to go through the district's bank to try and get the money back.
Our insurance company also believes that the district is not liable for the
"stolen" money but we obviously want our employees to get their pay.

Our next steps are to not allow any changes in the portal anymore, and/or
require a two-factor authentication to be put on their district email
account.  We have tried that before but some employees balked on the idea.

Has anyone else encountered this?  If so, what steps did you take?

-- 

   - Tracy L. Wilson
   - R.S.U. #10
   - Payroll Specialist/Bookkeeper
   - twilson at rsu10.org
   - (207)369-5560 ext. 8201
   - (207)562-7059 fax
   -
   - Confidentiality Notice: This email message, including any attachments,
   is for the sole use of the intended recipients and may contain confidential
   and privileged information. Any unauthorized review, use, disclosure, or
   distribution is prohibited. If you are not the intended recipient, please
   contact the sender by reply email and destroy/delete all copies of the
   original message.

-- 
This is a staff email account managed by Western Foothills Regional School 
Unit 10.  This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed. If you have received this email in error please notify the 
sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://maillist.informe.org/pipermail/schoolfinance/attachments/20250729/d6919d10/attachment.htm>

More information about the SchoolFinance mailing list