For federal relief funds authorized by the American Rescue Plan Act (ARPA) (HR 1319) and awarded during the 88th Legislature, the Comptroller established Appropriation 21319 for all revenue and expenditure activity relating to these funds. Contact your appropriation control officer to request activation of Appropriation 21319.
See Coronavirus Relief of 2020 Federal Funding Accounting Policy for the State of Texas (FPP A.048) for more information.
Fiscal Management urges all agencies to review and further strengthen internal processes and procedures for requesting system or security changes. To avoid security threats, it is best to validate requests by a method other than email.
In the past, hackers harvested credentials such as user IDs, passwords, email addresses, etc., then used the credentials to access systems and gather data or other sensitive information.
Now, hackers target the credential with the most transparency — email addresses. They hijack an email account, change the password, then use the email address to request the agency to provide sensitive information or make detrimental changes to the user’s profile, such as changing direct deposit instructions.
This is what makes these hacks so dangerous. Everything about the email appears legitimate, because it is. Since the email account is compromised, the traditional strategy of training users to identify illegitimate email will not work. Only a second level of validation will ensure the instructions received were from the intended user.
See Fraud Prevention Recommendations for more tips, or contact your agency’s information security office for more information and/or to discuss and implement security improvements for your agency.