Glenn Hegar
Texas Comptroller of Public Accounts
Glenn Hegar
Texas Comptroller of Public Accounts
Skip navigation
Glenn Hegar
Texas Comptroller of Public Accounts
Skip navigation
Top navigation skipped

Main Search

about

Fraud and Consumer Alerts

About Spoofed Emails

Cybercriminals are sending spoofed (impersonated) emails — appearing to be from the Comptroller's office — inviting recipients to bid on attached falsified Requests for Quotations (RFQs) included with the spoofed emails. These emails are not from the Comptroller's office and the RFQs are a fraudulent attempt to steal your money.

Don’t become a victim. Help the Comptroller’s office fight fraud.

The Comptroller’s office, like other companies and government agencies, has unfortunately been the subject of a number of recent email fraud attacks, including:

Spoofed emails purporting to be from our office and the Texas Department of Transportation using a fake agency email domain telling recipients to click on an attachment and “sign in with your email provider to generate a BID ID”. The attachment contains a fraudulent link designed to steal your email login credentials.

Spoofed emails claiming to be from our office but using a domain not associated with the agency, urging recipients to click on a “secure message” but the attachment is malicious, intended to steal usernames and passwords.

Spoofed emails purporting to be from our office but using a fake agency email domain telling recipients to click on an attachment and sign in to receive a message. The attachment contains a fraudulent link designed to steal your login credentials.

Spoofed emails (appear very similar to valid agency email addresses but with a period removed between first and last name) with fraudulent RFQs, designed to steal your money.

Spoofed emails purporting to be from an authorized GovDelivery email service but using a comcast.net email domain. The attached PDF instructs users to click on a “View Information” link which is designed to steal login credentials.

These cybercriminals are putting your information at risk and trying to damage good customer relationships. That is why we are expanding our efforts to fight fraud and keep you safe and secure.

If you are suspicious about an email that claims to be from the Comptroller’s office, follow these tips:

  • Question whether the information should be requested via email.
  • Be wary of links and attachments. Consider the context of the email, look for red flags such as poor grammar and/or sentence structure, and when in doubt, don’t click.
  • Use an email spam filter and up-to-date virus software and avoid public Wi-Fi.
  • When suspicious, do not respond to the original email. Use independent sources to verify sender details and establish a new channel of communication to confirm with the sender.

If you suspect any correspondence from our agency is fraudulent, please notify us by emailing stop.spoofing@cpa.texas.gov.

Required Applications:

Sample of Spoofed Email

example of spoofed email
example of spoofed email

Example of spoofed GovDelivery

example of spoofed govdelivery email
example of spoofed govdelivery email