Nueces County Recovers $2M After Costly Phishing Scam
In a significant win for local taxpayers, Nueces County recovers $2M that was stolen in a sophisticated email phishing scam earlier this year. The cyberattack, which targeted the Nueces County Courthouse in July, briefly diverted county payments into fraudulent accounts before officials intervened.
Through swift coordination with Frost Bank, the county’s official depository, Nueces County recovers $2M in total, successfully retrieving $1.94 million of the misdirected funds. This rapid response minimized the financial damage from five separate cyberattacks that had infiltrated the county’s payment systems.
“We would like to thank our bank depository, Frost Bank, for their swift actions in helping us recover the funds so quickly,” the county said in an official statement.
Although officials called the incident “unfortunate,” they emphasized it served as a wake-up call to strengthen cybersecurity defenses and modernize internal financial controls to prevent future breaches.
How the Phishing Scheme Unfolded
The scam began when county employees unknowingly responded to fraudulent emails that appeared to be legitimate payment requests. Believing they were communicating with authorized vendors, employees redirected funds to accounts controlled by cybercriminals.
Officials initially estimated the loss at $58,000, but investigators later traced the transactions and uncovered the scam’s full extent—nearly $2 million diverted.
By early September, Interim County Auditor Constance Sanchez confirmed the recovery of $56,850 from the first identified phishing case. Investigators later traced and recovered two large payments—$999,214.12 and $937,777.10—that cybercriminals had funneled into fraudulent accounts using fake banking instructions.
During an October 8 Commissioners Court meeting, Sanchez reported that the county no longer employed the employees involved in the wire transfers.
Forensic Investigation Still in Progress
Despite the successful recovery, the forensic investigation into the breach continues. The Nueces County Sheriff’s Office began probing the case after a tip from the Risk Management Office. Officials learned of the attack in late August when a suspicious wire transfer triggered alarms.
Further investigation revealed that the hackers used fake vendor profiles and altered payment details to siphon funds through multiple transactions.
In response, county commissioners acted swiftly. On September 10, they approved emergency contracts with three cybersecurity firms to investigate the breach, identify weaknesses, and recommend stronger safeguards.
Strengthening County Cyber Defenses
To prevent additional losses, the county temporarily suspended all wire transfers, except for payroll, while it conducted a thorough security audit. This pause allowed officials to assess risks and strengthen internal procedures.
After weeks of evaluation, the commissioners voted on October 8 to resume wire transfers under stricter verification systems. However, Commissioner Brent Chesney voted against the motion, citing lingering concerns about potential phishing threats.
In its official statement, the county assured residents that multiple layers of protection are now in place, including:
- Enhanced employee cybersecurity training
- Multi-level authorization for all wire transfers
- New vendor verification protocols
“We are doing everything in our power to prevent this from happening again,” the county emphasized.
Transparency and Confidentiality Concerns
When media outlets requested internal emails and related records, the county’s auditing office withheld some documents. The County Attorney’s Office cited cybersecurity confidentiality laws, noting that releasing specific details could expose sensitive security systems.
Even so, officials vowed to fully cooperate with law enforcement and cybersecurity experts until they conclude the investigation and recover all funds.
Looking Ahead: Lessons in Cyber Resilience
Recovering nearly $2 million serves as a vital cybersecurity resilience lesson for Nueces County and governments.
Public institutions have increasingly become targets of phishing scams, and even minor errors can lead to significant financial consequences. County leaders stay committed to upgrading security systems and training employees to detect evolving digital threats.
Through swift action and teamwork with Frost Bank, the county showcased vigilance and strong cybersecurity resilience.