CHARLOTTE — The U.S. Secret Service is trying to get back nearly three million dollars that was supposed to help people in North Carolina who are at risk of losing their housing.
Feds say scammers allegedly duped employees at a North Carolina state agency through a scam known as a “business email compromise.” Court documents filed in the Eastern District of North Carolina outline how the federal government believes scammers made off with $2.7 million from a state agency through a cyber scheme.
“A business email compromise is a type of cyberattack where scammers use deceptive tactics to gain unauthorized access to a business’s email account. This scheme typically involves impersonation of company executives or trusted individuals, sending fraudulent emails to employees, vendors, or clients,” according to an affidavit from a USSS special agent.”
That’s apparently what happened to employees at the North Carolina Housing Finance Agency. The state agency administers the Homeowners Assistance Fund, which is a pool of money that falls under the federal American Rescue Plan Act.
While the NCHFA is tasked with managing the funding, they rely on an outside company, Innovative Emergency Management, to help.
In April of 2023, employees at NCHFA received emails purportedly from IEM requesting updates to the company’s banking account information. After receiving a voided check from the updated account, the NCHFA sent a $2.7 million wire transfer, according to an affidavit.
The transfer caught the attention of Wells Fargo who reached out to NCFHA asking employees to verify the account information with IEM – but it was too late.
“A representative at IEM advised the updates were not legitimate nor requested by IEM personnel … NCFHA realized the email address requesting the IEM account updates did not match other IEM employee email addresses, and subsequently, it was determined approximately $2.7 million had been wired to a fraudulent account,” according to the affidavit.
The money ended up in an account that appeared to belong to Community Federal Savings Bank, but when the bank responded to the Secret Service, they determined the account wasn’t with their bank. Instead, the account was with Currencycloud, which partners with Community Federal Savings to conduct wire transfers.
In July of 2023, Currencycloud turned over account information revealing the name on the account wasn’t even based in the U.S. It belonged to a “United Kingdom-based business, FVB LTD, by a person named Florina-Victoria Constantinescu,” according to documents.
Online business records show that Constantinescu lives in Scotland.
The money was seized by the government after a judge issued a warrant to seize the funds in September of 2023 but it’s still not available. On Thursday, federal authorities filed paperwork for a judge to grant an order for the forfeiture of the money to get it back where it belongs. That request is pending as of Thursday.
(WATCH: BBB warns to not fall for scams while trying to fall in love)
©2024 Cox Media Group