A school district in the northeast corner of Tennessee lost more than $3 million earlier this year after an employee was tricked into sending funds intended for online curriculum materials to a fraudster. 

In March, the finance director of the Johnson County Board of Education — whose rural district has about 4,500 students — received an email from someone she thought was a representative of Pearson, a company that provides online courses and other materials for digital learning. In fact, the sender was using a pearson.quest, rather than “.com”, email address. 

After a back-and-forth exchange about banking information and payment dates, the school officer initiated two wire transfers in April totaling $3.36 million to a Wells Fargo bank account. The money came from the Tennessee Investment in Student Achievement budget — a state program to help fund public schools. 

Nearly two weeks later, the school board’s bank was notified about potential fraudulent activity and contacted the Johnson County Schools Director Mischelle Simcox. By that point, the wired funds had already been moved into a web of other accounts. 

A special agent of the U.S. Secret Service tracked the funds and identified a 76-year-old Texan, John Crowson, as the owner of the recipient accounts. When interviewed by the agent, Crowson admitted to opening the accounts and receiving the wires but insisted he did so on behalf of his fiancee — who he had seen “in person a couple of times before she told him she had to go overseas to take care of unfinished business from her father,” an affidavit said

He claimed that she had received an inheritance from her father but that she wasn’t able to deposit it in a U.S. bank and needed him to receive it. Three other account holders interviewed by the agent who received the stolen money echoed similar claims, saying they had met someone online who had convinced them to open accounts and receive money on their behalf. 

So-called money mules are often used by scammers to carry out laundering services. As the FBI has warned, in some cases they “might provide assistance because they believe they have a trusting or romantic relationship with the individual who is asking for help.” 

Such laundering is a crucial part of scams like business email compromise (BEC), when fraudsters target company employees with compromised or spoofed accounts to trick them into sending money. In 2023, such scams resulted in at least $2.9 billion in losses in the U.S. last year, the FBI said.  

As of the affidavit’s filing on September 5, $742,000 of the stolen money was recovered. Simcox, the Johnson County Schools director, did not respond to a request for comment.  

School districts are popular targets for hackers and scammers perpetrating BEC scams. In 2023, the New Haven school district lost $6 million to a BEC scam after hackers gained access to the email account of the school system’s chief operating officer and monitored emails to vendors. The district was able to get $3.6 million back.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.