We care about what you think! Please take a moment to fill out Fiscal Management’s online customer service survey. We depend on your feedback to improve our operations and better meet your needs.
The survey has three main questions that should take less than a minute to answer, plus an opportunity to provide additional feedback. You can access the survey until Friday, Oct. 4.
Please share this email and survey link with any staff that may interact with Fiscal Management and our statewide systems.
Thank you in advance for your time and thoughts. Email us at fiscal.documentation@cpa.texas.gov with any questions.
Fiscal Management urges all agencies to review and further strengthen internal processes and procedures for requesting system or security changes. To avoid security threats, it is best to validate requests by a method other than email.
In the past, hackers harvested credentials such as user IDs, passwords, email addresses, etc., then used the credentials to access systems and gather data or other sensitive information.
Now, hackers target the credential with the most transparency — email addresses. They hijack an email account, change the password, then use the email address to request the agency to provide sensitive information or make detrimental changes to the user’s profile, such as changing direct deposit instructions.
This is what makes these hacks so dangerous. Everything about the email appears legitimate, because it is. Since the email account is compromised, the traditional strategy of training users to identify illegitimate email will not work. Only a second level of validation will ensure the instructions received were from the intended user.
See Fraud Prevention Recommendations for more tips, or contact your agency’s information security office for more information and/or to discuss and implement security improvements for your agency.