Scammers Target County Vendors with Email Spoofing, Phishing

A Sedgwick County, Kan., vendor contacted a city official after receiving a suspicious email. The employee forwarded the information to IT and the sheriff, and no money was lost to the scammers.

by Dion Lefler, The Wichita Eagle / December 19, 2018
Shutterstock

(TNS) — Two years after Sedgwick County was bilked in a half-million dollar email scam, someone pretending to be a county official is targeting the county’s vendors seeking sensitive business information.

The current scammer managed to “spoof” a county email address and sent several vendors an official-looking message, seeking information on past financial transactions with the county, spokesman Van Williams said Tuesday.

The scam attempt was brought to light by a vendor, who contacted a county employee to question a suspicious message the company had received, Williams said.

The employee “appropriately informed the right people in finance,” he said. “They called IT (the Information Technology Department) and they called the sheriff.”

No money or sensitive information is believed to have been exchanged, said a statement issued by the county just before the close of the business day Tuesday.

“The emails were generated by a malicious actor who is unassociated with Sedgwick County,” Joe Currier of the IT department said in that statement.

The county has been working to get word out to its vendors to watch out for suspect communications purporting to come from the government, Williams said.

While spoofing and “phishing” for information that can be used to engineer a scam is fairly commonplace, there’s a high level of sensitivity to that at Sedgwick County.

The county Finance Department got tricked into handing over $566,000 in September 2016, when a man spoofing himself as an employee of Cornejo and Sons Construction got the county to change the bank routing number on a contract payment.

The scammer, George S. James, 48, of Brookhaven, Georgia, was later arrested and pleaded guilty.

The county eventually got back $466,000 of the original $566,000 that was stolen minus a $100,000 insurance deductible.

News of the current county scam comes one day after Westar Energy and Kansas City Power & Light issued a warning about a separate scam attempt being run against their customers.

The people running that attack tell customers they’re behind on the electric bill and their service will be disconnected if they don’t pay immediately with a prepaid money card.

Westar spokeswoman Gina Penzig said the company would never require a prepaid card for payment, and wouldn’t disconnect any customer without multiple contact attempts beginning long before the final shutoff day.

In addition, utility customers are currently protected by the state’s Cold Weather Rule, which prohibits companies from disconnecting vital utilities when temperatures are forecast to fall below 35 degrees.

©2018 The Wichita Eagle (Wichita, Kan.). Distributed by Tribune Content Agency, LLC.

Platforms & Programs