By GARRET JAROS/YachatsNews
YACHATS – If you are one of the more than 4,000 people who received an email from Yachats’ city manager on Wednesday asking you to view a contract agreement — delete it.
It was not sent by Bobbi Price. And its intention is for the receiver to reveal personal information for nefarious reasons.
The email is what is commonly referred to as phishing – the fraudulent practice of sending emails or messages that purport to come from reputable sources to induce people to reveal information such as passwords and credit card numbers.
“We were alerted to it Wednesday morning just before 10 o’clock – that an email went out from her email address,” said city infrastructure clerk Neal Morphis. “That was brought up to us and we said, ‘No, she didn’t send that.’ And that was when we got our IT company involved and they locked down the account.”
Price was speaking with someone prior to attending a city council work session Wednesday when that person received the email in question and alerted her.
The information technology company employed by the city determined Price’s email was breached at 2:31 a.m. Monday, Morphis said.
“The attacker gained access to her account on the first attempt, suggesting that the login was compromised by a phishing scam or a data breach from another entity rather than a brute force attack,” Morphis said.
The email, which was sent to 4,677 people in Price’s work email address book, began by saying “Hello team, please view the shared 2025 city of Yachats contract agreement.” It contained a link to a shared document that if clicked on led to another link where the viewer would have been prompted to provide their login information.
“And that’s the point where people’s login details would have been compromised,” Morphis said.
To be clear, it is believed the breach occurred through a phishing scam that compromised the email login, and not through a more aggressive “hacking” of the city’s system, Morphis added.
“We’re not sure, but it’s possible that somebody posing as a vendor may have emailed a PDF,” Morphis said. “There was some suspicious email that looked like it came from one of the vendors but we’re not sure if that’s actually what it was.”
Price’s email has since been restored and made secure. The tech company enabled “multifactor authentication” so that she must now go through Microsoft Authenticator on her cell phone to access email, Morphis said. The password was changed and email rules were deleted.
“And they’ve done that systemwide too with all city email, so that anybody that didn’t already have multifactor authentication has got it enabled now,” he said.
Phishing for data
Common phishing scams in Oregon, which can arrive through email, text, phone calls and social media, include impersonating government agencies like the Department of Motor Vehicles; court notices and utility bills requiring urgent payment; local businesses requesting bank information or credit card numbers; and false notices from email providers and banks requiring updated login information.
Red flags include urgency to act; suspicious links; requests for sensitive information, including a Social Security number; unfamiliar senders; and poor grammar.
Scammers sometimes create fake, professional-looking profiles or websites that closely resemble an organization’s actual page. And they may play on emotions, pretending to be friends or family members in immediate need.
When in doubt, the Lincoln County Sheriff’s Office advises contacting the actual organization or person through verified contact information, or visiting in person, rather than using the method provided by the potential scammer.
Data released by the Federal Trade Commission in 2024 showed consumers reported losing more than $10 billion to fraud in 2023, an increase of 14 percent from 2022.
The most commonly reported scam category came from business and government impersonators. Online shopping issues were the second most commonly reported in the fraud category, according to the FTC, followed by prizes, sweepstakes, and lotteries; investment-related reports; and business and job opportunity scams.
Morphis advised people to always check the links they click on when receiving questionable emails.
“If you hover over a link, it tells you where it’s going,” he said. “This initial link that was shared went to another website, one that I didn’t recognize. And you can always call the person and ask ‘Did you actually send this to me?’ That would be my advice, call the person directly if you are ever unsure.”
He also advises disregarding emails from unrecognizable sources, although he said that would not have kept people safe in the Yachats incident.
“Just always do your due diligence when you are clicking on links,” Morphis said. “And don’t trust even a PDF file because they can be compromised as well. Be on high alert right now. I understand that there’s a lot of scams going around.”
In an unrelated incident, a woman who came in to pay her Yachats water bill this week recently had her bank account hijacked through a link that said “if you don’t want to lose your photos, click on this link,” Morphis added.
“It’s going around,” he said. “So everybody needs to be hyper vigilant right now, because they are ramping up.”
- Garret Jaros is YachatsNews’ full-time reporter and can be reached at GJaros@YachatsNews.com