City leaders urge caution as hackers use trusted email accounts to send malicious links and scams.
St. George city officials have issued a cybersecurity alert after hackers compromised several local business email accounts and used them to send malicious messages to their contacts. At least a dozen businesses have been impacted, with the total scope of the incident still under investigation.
The compromised emails are being used to send phishing messages that may contain malware, request login credentials, or attempt to collect payments, sometimes in cryptocurrency. Because the emails appear to come from trusted contacts, many recipients are more likely to click without suspicion.
According to Jordan Goethe, the city's technology administrator, this type of scam exploits the familiarity between senders and recipients. Once an account is taken over, attackers send out emails that appear legitimate, making them harder to detect.
Goethe outlined best practices to reduce the risk of falling victim: use a 16-character passphrase, enable multi-factor authentication, and consider password managers like Bitwarden or Google's tool. He also stressed calling the sender directly rather than replying to the email when anything seems unusual.
Several compromised accounts were found redirecting responses to the same inbox, which may indicate coordination among attackers, though it's still unclear whether the threat originates locally or externally.
“You’re like, okay, I know this person. You click on a link without even thinking twice,” said Goethe. “It could happen to anyone, and it’s really unfortunate.”
He noted that red flags include urgent-sounding messages or instructions not to respond using normal methods of communication.
“If you’re a local business, it may be time to update your password,” he added.
Hackers gain access to a real email account and use it to send malicious links or requests to people who already trust that sender, increasing the chance of successful deception.
A passphrase is a longer, more complex combination of words or characters (e.g., “CoffeeBook!Planet2025”) that is harder to crack but easier to remember than a random string of characters.
MFA adds an extra layer of security by requiring a second form of verification, like a code sent to your phone, making it harder for attackers to access your account even if they steal your password.
Look for signs like unexpected messages being sent, contacts reporting strange emails, or reply-to addresses being changed to unknown domains.
Change all passwords, enable MFA, notify contacts not to interact with previous emails, and consult with IT professionals to secure accounts and investigate potential data exposure.
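The reply-to warning sign above, and the earlier observation that several compromised accounts redirected responses to the same inbox, can be checked mechanically over a folder of received messages. The following is an added example, not part of the original article or the city's guidance; the sample messages, addresses and function names are constructed for illustration.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (headers only); every name and domain is made up.
SAMPLE_MESSAGES = [
    "From: Ann <ann@bakery.example>\nReply-To: billing@mailbox.invalid\nSubject: Urgent invoice\n\n",
    "From: Bob <bob@plumbing.example>\nReply-To: Billing <BILLING@mailbox.invalid>\nSubject: Payment update\n\n",
    "From: Cy <cy@florist.example>\nReply-To: cy@florist.example\nSubject: Order\n\n",
    "From: Dee <dee@dental.example>\nSubject: Reminder\n\n",
    "From: Eve <eve@cafe.example>\nReply-To: eve.personal@webmail.example\nSubject: Hours\n\n",
]

def domain_of(addr):
    """Lower-cased domain part of an e-mail address."""
    return addr.rpartition("@")[2].lower()

def reply_to_mismatches(raw_messages):
    """Return (sender, reply_to) pairs where replies leave the sender's domain."""
    findings = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
        if not sender or not reply_to:
            continue  # no Reply-To header: replies go back to the sender
        if domain_of(reply_to) != domain_of(sender):
            findings.append((sender, reply_to))
    return findings

def shared_reply_inboxes(findings, min_senders=2):
    """Group mismatches by reply inbox; keep inboxes used by several senders."""
    by_inbox = defaultdict(set)
    for sender, reply_to in findings:
        by_inbox[reply_to].add(sender)
    return {inbox: sorted(s) for inbox, s in by_inbox.items() if len(s) >= min_senders}

if __name__ == "__main__":
    found = reply_to_mismatches(SAMPLE_MESSAGES)
    for sender, reply_to in found:
        print(f"review: {sender} -> replies go to {reply_to}")
    for inbox, senders in shared_reply_inboxes(found).items():
        print(f"shared inbox {inbox} used by {len(senders)} senders: {senders}")
```

A domain mismatch on its own is only a lead, since some senders legitimately route replies elsewhere (the constructed `eve@cafe.example` message); the same reply inbox appearing behind unrelated senders is the stronger signal.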