Protecting our Statewide Systems from Fraud
December 30, 2022
In early October the Department of Administration learned about a fraud group that is targeting government software systems. As a public sector entity, the State of Kansas is not immune from such fraudulent activities. The group works to access/update banking information with the goal of redirecting payments to bank accounts controlled by the group. State of Kansas staff continue to focus on identifying and halting any attempts to gain fraudulent access to state systems.
Please remember to be vigilant when working with external entities seeking information stored in state systems, as automated system controls cannot prevent every form of fraudulent activity. Social engineering is one of the most common ways for fraud groups to gain access to information needed to commit crimes. Please be especially diligent when communicating with anyone seeking details for State of Kansas payments. With social engineering schemes, fraud groups will contact agency staff in an attempt to gain additional information, so caution must be taken when responding to any inquiry for information related to supplier and/or payment information. Also remember that external entities, including those agencies regularly do business with, can also be compromised by fraud. Therefore, validating that the agency is interacting with a legitimate contact is critical.
To assist in the effort to report incidents of suspected fraud impacting the statewide HR/payroll and finance systems, a new Fluid tile has been added to the main SHARP and SMART homepages:
Clicking this tile will launch an online form the user will complete to report the details related to the incident. This information will be collected by a task force for review and resolution. Agencies will be asked to provide pertinent information, including the date/time of the incident, whether a fraudulent payment has been issued, details regarding the suspicious contact, etc. As much information as possible should be provided to help identify whether any suspicious system activity has occurred and how to address it.
Thank you for your diligence in protecting our statewide systems!
The Office of Accounts & Reports