[STMP] Phishing Attempt Using Hotel Engine Email Account Reported

Texas Comptroller of Public Accounts sent this bulletin at 11/04/2019 03:09 PM CST

Phishing Attempt Using Hotel Engine Email Account Reported

The State of Texas 971-M1 contract vendor Hotel Engine has reported that a successful phishing attempt on an employee's Outlook 365 account resulted in emails being sent to about 2,000 state of Texas travelers. By the time an agency notified the State Travel Management Program that their travelers were receiving suspected phishing emails, Hotel Engine's IT staff had identified the problem and secured the account to prevent further phishing emails being generated.

Travelers are advised to be on alert and should not click on a suspected malicious link in an email with the subject line "Jordan Epstein Shard File."

The Comptroller’s office, in addition to companies and other government agencies, has unfortunately been the subject of a number of recent email fraud attacks, including:

Spoofed emails claiming to be from our office but using a domain not associated with the agency, urging recipients to click on a “secure message.” The attachment is malicious, intended to steal usernames and passwords.
Spoofed emails purporting to be from our office or one of our vendors, but using a fake email domain telling recipients to click on an link and sign in to receive a message.

These cyber criminals are putting your information at risk and trying to damage good customer relationships. That is why we are expanding our efforts to fight fraud and keep your information safe and secure.

If you are suspicious about an email that claims to be from the Comptroller’s office or one of our vendors, follow these tips:

Question whether the information should be requested via email.
Be wary of links and attachments.
Consider the context of the email, look for red flags such as poor grammar and/or sentence structure, and when in doubt, don’t click.
It is good practice to periodically change passwords for all accounts.
Use an email spam filter and up-to-date virus software and avoid public Wi-Fi.

Additional information can be found at https://comptroller.texas.gov/fraud-alert/.

STMP & 971-M1 CONTRACT SUPPORT

For questions about STMP or the 971-M1 contract, contact Nicklaus Watson, STMP Manager, at 512-936-8458, or contact Gerard MacCrossan, Data Management, Analytics & Technology Manager, at 512-463-4468.

State travelers may email STMP suggestions for program enhancements or send details about properties not available on Hotel Engine that would be helpful for travelers conducting state business.

State of Texas Help page

Our office does not monitor direct replies to this email address. To find contact information for Comptroller's office employees and divisions, please visit Comptroller.Texas.Gov.

Manage your Comptroller email subscriptions. Add Comptroller topics to your subscription or stop subscriptions at anytime. If you have questions or problems, please contact subscriberhelp.govdelivery.com.

Join the discussion and connect with the Texas Comptroller on Facebook!
You'll see the latest economic news, surveys and more.