Sumner County finance staff told the Jan. 7 financial management committee that a vendor‑payment phishing scheme briefly succeeded in authorizing a small ACH payout but that the county secured a full recovery.

An accounts‑payable coordinator received a series of emails impersonating a highway vendor (Rogers Group) and approved a $348.60 ACH payment after what staff described as an apparently legitimate email and logo with a slightly different domain (".us" instead of ".com"). The payment posted but staff immediately flagged the transaction as suspicious; the county contacted the bank and the funds were returned.

Finance staff described that multiple invoices in the email thread would have amounted to significantly larger payments, and they commended the AP coordinator for processing only the smallest item before the scam was detected. "We got the money back," staff said.

As a control improvement, the county will block suspicious email addresses in its systems and institute a step to contact the originating department before changing a vendor’s payment method to ACH.

What’s next: staff will work with IT to block the perpetrator’s email addresses and present revised procedures for vendor‑payment changes to reduce the risk of future fraudulent requests.