[SchoolFinance] Infinite Vision (School ERP Pro) Employee Portal Fraud

Jamie Youngblood jamie.youngblood at schools.hermon.net
Tue Jul 29 12:51:55 EDT 2025 

Tracy,

Hermon is using the portal (we just released it), but have it set to not
allow direct deposit changes. Our district is already moving to two-factor
authentication on gmail because we have had a few emails get hacked -
unrelated to Employee Access.

Even before we started using the portal, we did not allow any payroll
paperwork through email. The original must come through interoffice mail or
be delivered to central office by the employee.

On Tue, Jul 29, 2025 at 12:46 PM Tracy Wilson <twilson at rsu10.org> wrote:

> I wanted to put this out there to warn other districts about what has been
> happening with our employee portal and direct deposits and to also see if
> it has been happening in your district.
>
> A scammer is hacking into our employees district gmail accounts, going
> into their employee portal and changing their direct deposit.  I then go in
> and check the routing numbers and approve it.  The employee gets an email
> stating that their changes have been approved.
>
> The problem is the scammer gets these emails and deletes them in real
> time.  The scammer will also use the employees account to email us back.
> There is no way for us to know that the employee is not the one emailing us
> as it is truly the employees account.
>
> The receiving financial institution will not give us any information about
> the account whatsoever (we can't even report the account as fraudulent).
> We have to go through the district's bank to try and get the money back.
> Our insurance company also believes that the district is not liable for the
> "stolen" money but we obviously want our employees to get their pay.
>
> Our next steps are to not allow any changes in the portal anymore, and/or
> require a two-factor authentication to be put on their district email
> account.  We have tried that before but some employees balked on the idea.
>
> Has anyone else encountered this?  If so, what steps did you take?
>
> --
>
>    - Tracy L. Wilson
>    - R.S.U. #10
>    - Payroll Specialist/Bookkeeper
>    - twilson at rsu10.org
>    - (207)369-5560 ext. 8201
>    - (207)562-7059 fax
>    -
>    - Confidentiality Notice: This email message, including any
>    attachments, is for the sole use of the intended recipients and may contain
>    confidential and privileged information. Any unauthorized review, use,
>    disclosure, or distribution is prohibited. If you are not the intended
>    recipient, please contact the sender by reply email and destroy/delete all
>    copies of the original message.
>
>
> This is a staff email account managed by Western Foothills Regional School
> Unit 10.  This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they are
> addressed. If you have received this email in error please notify the
> sender._______________________________________________
> SchoolFinance mailing list
> SchoolFinance at maillist.informe.org
> http://maillist.informe.org/mailman/listinfo/schoolfinance



-- 
Jamie M. Youngblood
Director of Finance
Hermon School Department
31 Billings Road
Hermon, ME 04401
Direct Phone: 207-848-4085
Fax: 207-848-5226
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://maillist.informe.org/pipermail/schoolfinance/attachments/20250729/7a0189e1/attachment-0001.htm>

More information about the SchoolFinance mailing list