Security Alert - GMA Emails Being Spoofed

September 22, 2017

Some GMA members have received emails that appear to come from trusted staff at GMA. These emails indicate the city is being invoiced by GMA and contains a link to an invoice.


GMA does not send invoices through links and by clicking on the link, you could be putting your city’s computer security at risk. If you have received one of these spoofed emails, please contact your IT security staff and let them know so they can take appropriate action. Please note, too, that GMA’s system has not been compromised; the emails are an unknown entity trying to impersonate GMA in order to access city computers.

As a general rule, here are some things to look for when you receive an email from GMA:
  • The official GMA signature, including the GMA logo, should be at the bottom of every email.
  • Verify the email address by looking closely at the actual email address. Spoofers will often very closely replicate the actual email address of someone you know and trust, but if you look at it closely, you will notice slight differences, such as rather than or one letter difference like “”
  • Any email you get that looks like it comes from GMA but has a link to an invoice is a not an email that came from GMA. We do not invoice through links.
  • Whenever you get an email – from GMA or anyone else – that seems suspicious to you, call the person it appears to come from and verify they sent it.
  • Always report any suspicious email to your IT department.
GMA values the trust you have put in our organization and staff. We are very disturbed that someone is taking advantage of that trust for illegal, nefarious purposes. Please know we are doing everything we can on our end to address this situation.

Back to Listing