Citizen Portal

Sumner County staff blocks vendor ACH spoofing attempt after small payment; bank recovers funds

Sumner County Financial Management Committee · January 8, 2026
Article hero
AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Finance staff reported a vendor ACH spoofing incident in which a fraudster’s email requested bank payment changes; staff paid a small invoice but the bank reversed the transaction and IT blocked the malicious addresses. The committee directed tighter vendor verification for ACH requests.

Finance staff told the Sumner County Financial Management Committee that an apparent vendor spoofing attempt led to a small ACH payment that was subsequently recovered by the bank.

An AP coordinator received emails purporting to be from a vendor (identified in correspondence as Rogers Group) requesting a change in payment method. The coordinator paid a small invoice ($348.60) before the request was flagged as fraudulent. Finance staff and bank officials were able to recall the payment and recover the funds.

Staff described the spoofing as convincing — the emails included familiar logos and plausible details but used a different email domain ending (".us" rather than ".com"). IT blocked the malicious addresses and the committee directed staff to contact departments before processing vendor ACH changes going forward.

Committee members praised the AP coordinator for limiting exposure by paying a small invoice rather than larger invoices that also were targeted. The incident prompted the committee to ask staff to tighten vendor-verification protocols for any future ACH-change requests.