Cybercriminals are sending spoofed (impersonated) emails — appearing to be from the Comptroller's office — inviting recipients to bid on attached falsified Requests for Quotations (RFQs) included with the spoofed emails. These emails are not from the Comptroller's office and the RFQs are a fraudulent attempt to steal your money.

Don’t become a victim. Help the Comptroller’s office fight fraud.

The Comptroller’s office, like other companies and government agencies, has unfortunately been the subject of a number of recent email fraud attacks, including:

  • Spoofed emails purporting to be from our office but using a fake agency email domain telling recipients to click on an attachment and sign in to receive a message. The attachment contains a fraudulent link designed to steal your login credentials.

  • Spoofed emails (appear very similar to valid agency email addresses but with a period removed between first and last name) with fraudulent RFQs, designed to steal your money.

These cybercriminals are putting your information at risk and trying to damage good customer relationships. That is why we are expanding our efforts to fight fraud and keep you safe and secure.

If you are suspicious about an email that claims to be from the Comptroller’s office, follow these tips:

  • Question whether the information should be requested via email.

  • Be wary of links and attachments. Consider the context of the email, look for red flags such as poor grammar and/or sentence structure, and when in doubt, don’t click.

  • Use an email spam filter and up-to-date virus software and avoid public Wi-Fi.

We value your business and take these matters very seriously. If you suspect an email may be fraudulent, please forward it to Our team reviews all submissions, but only responds when additional information is required.