Hackers target local businesses using sophisticated attacks

ByRobert Stevens

At least two Sanpete County businesses were recently targeted in email attacks that used trusted local names to trick people into opening malicious attachments.

Sanpete Messenger publisher Suzanne Dean had her Google Workspace email account compromised last week. The hackers then sent emails to a large network of her contacts. The messages appeared legitimate and included an attachment that featured the newspaper’s logo, designed to build trust and encourage recipients to open it.

Last month, Jared Livingston, owner of Big Pine Sports in Fairview, experienced a nearly identical attack. In that case, messages were also sent from his account to customers and business contacts.

In both situations, the emails did not appear sloppy or obvious. They looked polished. They used familiar names. They included logos. That is part of what makes these attacks effective.

These types of scams are becoming more common in rural communities, where people tend to trust messages from someone they know.

What happened

In the recent Messenger incident, the attackers gained access to the publisher’s Google Workspace account. Once inside, they sent messages directly from her real email address. That is why the emails passed basic spam filters and looked authentic.

The attachment included branding elements tied to the newspaper. Recipients who opened the file risked exposing their own devices or accounts.

These attacks often happen when someone unknowingly enters their password into a fake login page or reuses a password that has already been exposed in a previous data breach.

Why rural communities are vulnerable

In a place like Sanpete County, business owners know their customers. People recognize names. When an email comes from a familiar address, most people assume it is safe.

Hackers count on that trust.

They also know that many small businesses do not have full-time IT staff. Security settings like two-factor authentication are sometimes not turned on. Backup email accounts may not be secured. Recovery phone numbers may be outdated.

That combination makes small-town businesses appealing targets.

Local business owners and residents can reduce their risk by taking a few practical steps:

Turn on two-factor authentication.

This adds a second layer of protection beyond a password. Even if someone steals a password, they cannot log in without a verification code.

Use strong, unique passwords.

Do not reuse the same password across multiple accounts. If one site is compromised, reused passwords make other accounts vulnerable.
Be cautious with unexpected attachments.

Even if the message appears to come from someone you know, pause before opening attachments. If the email seems unusual, call the sender directly to confirm.

Check account recovery settings.

Make sure recovery email addresses and phone numbers are current and controlled by you.

Act quickly if something feels wrong.

If you notice suspicious activity, change passwords immediately, sign out of all sessions, and contact your email provider’s support team.

What to do if you receive a suspicious message

If you receive an email from a local business that seems unusual, do not open attachments, do not click links. Call the business directly using a phone number you already know, not one provided in the email. Delete the message after reporting it.

Both the Messenger and Big Pine Sports took to social media to notify contacts about the incidents.

These attacks are not a reflection of carelessness. They are targeted and increasingly sophisticated. The goal is to exploit trust.

In small communities, trust is one of our greatest strengths. It is also something that requires protection.