MariMed. Falls Victim to $646K Email Scam: A Case of Advanced Fraud


Imagine the shock and distress of mistakenly transferring hundreds of thousands of dollars to a fraudulent recipient due to a forged email. That’s exactly what happened to marijuana multistate operator MariMed, according to their latest quarterly filing. The Massachusetts-based company lost a significant sum of $646,000 in what they described as a “sophisticated, global fraud.” MariMed’s Chief Communications Officer assures that they are working diligently to recover the funds through their bank or cybersecurity insurance policy. This incident serves as a cautionary tale for businesses about the importance of financial discipline and governance when it comes to cybersecurity.

MariMed Loses $646K in ‘Sophisticated’ Email Fraud

MariMed Loses $646K in Sophisticated Email Fraud
This image is property of

Multistate marijuana operator MariMed recently experienced a significant financial loss due to an elaborate email fraud scheme. The company disclosed in its quarterly filing with U.S. securities regulators that it mistakenly transferred $646,000 to a “fraudulent recipient” after receiving a forged email. This incident follows the resignation of MariMed’s chief financial officer, although it remains unclear if the two events are directly linked. MariMed’s Chief Communications Officer, Howard Schacter, confirmed the loss and expressed confidence in recovering the funds either from the bank or through their cybersecurity insurance policy. The company has been collaborating with the FBI and local authorities in their investigations into this “sophisticated, global fraud.”

Fraudulent Transfer of Funds

In MariMed’s 10-Q form for the quarter ended September 30th, it was disclosed that the fraudulent transfer of funds was related to a term-loan payment. The money was sent to a Chase Bank account that was provided in a forged email. Upon discovery, MariMed attempted to halt the transfer, and initially, Chase Bank indicated that the payment was on hold while investigating the issue. Unfortunately, the bank later confirmed that the funds had been delivered to the fraudulent recipient’s account. MariMed is currently awaiting a formal response from the bank regarding the outcome of their investigation.

Confirmation from MariMed

MariMed’s Chief Communications Officer, Howard Schacter, confirmed that the company had indeed lost $646,000 due to the fraudulent email scheme. Schacter assured that MariMed is actively working to recover the funds and believes that they will eventually be retrieved either through the bank or by leveraging their cybersecurity insurance policy. He emphasized that this incident serves as a cautionary tale for all companies, even those that uphold the highest standards of financial discipline and governance.

Efforts to Recover Lost Funds

As part of their efforts to recover the lost funds, MariMed has filed a claim under their corporate cybersecurity insurance. They have also implemented additional safeguards to protect against future fraudulent activity. In their financials, MariMed accounted for the $646,000 loss as an expense but indicated that they would reverse it if the funds were successfully recovered. The company remains hopeful that they will receive assistance from both the bank and their insurance claim in recouping the financial loss.

Filing Claim Under Cybersecurity Insurance

MariMed Loses $646K in Sophisticated Email Fraud
This image is property of

Recognizing the severity and complexity of the fraud that occurred, MariMed has taken the necessary steps to file a claim under their corporate cybersecurity insurance. While the company remains optimistic about recovering the lost funds, they are also prepared to utilize their insurance policy to mitigate the financial impact. MariMed’s proactive approach in securing appropriate insurance coverage demonstrates their commitment to safeguarding against potential cybercrimes and ensuring financial protection.

Resignation of MariMed CFO

Coinciding with the email fraud incident, MariMed’s Chief Financial Officer, Susan Villare, resigned without offering an explanation. The timing of Villare’s departure raised questions about any potential connection to the fraudulent transfer of funds. However, the company has declined to comment on whether her resignation is directly related to the email fraud incident. MJBizDaily reached out to Villare for comment but has not received a response at this time.

Complexity of Corporate Cybercrime

MariMed’s experience highlights the complexity of corporate cybercrime and the sophistication of fraudulent schemes targeting companies. Joseph Steinberg, a cybersecurity expert, emphasized that these attacks are often not simplistic phishing scams, but involve meticulous planning and reconnaissance by the fraudsters. He cautioned against oversimplifying such incidents, highlighting that cases can involve multiple steps, emails, and even phone calls to carry out the fraud. Steinberg emphasized the importance of protecting against vulnerabilities in third-party systems as criminals often exploit the weakest link in the chain to gain unauthorized access to valuable information and funds.

Exploiting Weak Links in the Chain

The MariMed incident serves as a reminder that cybercriminals are increasingly targeting companies by exploiting vulnerabilities in their email systems and related protocols. Fraudsters often conduct extensive reconnaissance to gather information that can be used to execute their schemes, which may involve multiple steps, meticulous planning, and strategic targeting. Companies must remain vigilant and implement robust cybersecurity measures, both internally and across their network of business partners and vendors, to protect against these sophisticated attacks. By investing in comprehensive cybersecurity protocols, businesses can significantly reduce the risk of falling victim to email fraud and other cybercrimes.

In conclusion, MariMed’s loss of $646,000 due to a sophisticated email fraud scheme highlights the ongoing threat that cybercriminals pose to businesses in every industry. The incident serves as a reminder that even the most diligent companies can become victims of targeted fraud, and as a result, it is crucial for organizations to continually enhance their cybersecurity measures. By implementing stronger safeguards, educating employees about the risks of email fraud, and collaborating with law enforcement agencies, companies can proactively protect themselves against such threats and prevent substantial financial losses.



Don't miss out Join Our Newsletter To-Day

We don’t spam! Read our privacy policy for more info.

logo High USA transparent


Quick Grow Seeds

Your search for the perfect cannabis seed ends here. Dive into and find your match! Visit Website