John Hughes III, the attorney who represents the church, declined to discuss the specifics of how the fraud occurred. But he did say many of the cases of cyberfraud affecting churches are similar — often involving fake phishing emails. Those emails are often created, he said, by taking a real email and cutting and pasting its contents, including email signatures.
Hughes warned that churches and businesses need to be wary because of the relentless efforts of fraudsters. Especially when it comes to finances.
“Any instructions that come by email — they need to confirm them via phone call,” he said. Otherwise, he added, “they just wire the money out and it’s gone.”
He especially warned of the need for care in dealing with familiar financial transactions — where people might be tempted to click send without reading the entire email.
Hughes also suggested churches and other groups be proactive in talking to their insurance company about fraud. He argued that in the case of the Marco Island church, the loss should be covered. But the process of recovering losses, he said, will be long.
The church’s insurance company did not respond to a request for comment.
Florida Baptists hope that some of the losses will be recovered.
“We remain prayerful that some of this loss may be mitigated through insurance and/or the recovery of stolen funds,” the convention’s update states.
This article originally appeared here.
