Adna School District Defrauded $346,000 in Phishing Scam 


The Adna School District was defrauded of $346,000 through what school officials have called a “sophisticated phishing scam,” according to Adna Superintendent Thad Nelson. 

The district announced the fraud in a detailed email to The Chronicle on Thursday, noting that after the activity was confirmed, the district notified the FBI, the Washington state Auditor’s Office and the Lewis County Treasurer’s Office as well as the district’s insurance carrier and financial institution. 

“This is a significant financial attack on a small rural district such as ours,” Nelson wrote. “It is too soon to see just how the loss of these funds will impact our district going forward. All we can say today is that we will work diligently to minimize the impact to our students and staff in the classroom.”

Nelson explained how the funds were lost and attempted to accept responsibility as the leader of the school district. 

“This was an amazingly sophisticated and precise scam,” Nelson stated. “As superintendent, I am responsible for careful handling of the public’s funds. With this contract I felt we had created a textbook system for managing funds in a public construction project. But we were tricked and it cost our district a significant amount of money and I take responsibility for this mistake. I apologize to our families and the community of Adna.”

In explaining the scam, Nelson noted the school district is in the midst of a $3 million construction project at the Adna Middle/High School. Berschauer Construction from Olympia was hired as the general contractor. 

“In setting this contract up, we established a multi-step procedure for reviewing and approving payments for the work done,” the letter from the district states. “Our process is as follows: general contractor sends monthly payment application (bill) reflecting work completed up to that point. Each bill is sent to seven people for review including the dIstrict’s project architect, superintendent, district business manager, school principal, our district project manager and former Superintendent and the general contractor. Then, after feedback, and line by line confirmation by the architect and project manager that the work has been completed using the materials listed, the architect sends approval to the general contractor to submit that month’s completed bill to the district for payment.”  

According to the district, the process had been used through the prior five months as the district paid just over $780,000 in legitimate payments toward the total project. Those payments were made by the District through physical checks.

“This same review process was used prior to receiving the next bill for $346,000,” the district wrote. “The appropriate work had been done by the contractor, our review team approved this payment amount. The criminal had created an email account using the name of the general contractor with payment instructions were to wire the payment through Chase Bank. We then sent the money per the emailed instructions to the Chase Bank ACH account.”

The “criminal enterprise” continued to communicate with the district about the payment. That’s when the district reached out to the contractor, the Treasurer’s Office and its bank, leading to the determination that the district had been scammed. 

Chase Bank’s fraud department returned $1,200 to the district. 

The district does not know the status of the FBI’s investigation or who was behind the theft of funds. 

The district stated in the letter it has taken steps to assure a similar situation doesn’t unfold in the future. 

“We have taken the following steps to assure that this will never happen again: from this point forward (for the) Adna School District, the ACH option will no longer be considered as a method of payment for future vendor requests,” the district stated. “We utilize Positive Pay, specifically to verify checks that are considered suspicious are sent back to the issuer for examination. Additional expansion of separation of duties of oversight within our current system. We have also done a complete diagnostics of our network to ensure there wasn’t a breach and that data and information are secure. A nationally recognized cyber security training program is currently used with staff to help minimize attacks. This includes a detailed course before school starts each year and random testing throughout the school year. Two-step authentication for staff will be added soon as an additional layer of protection. We will continue to support law enforcement agencies in pursuing recovery of as much of the funds as possible.”