Sheldon, Iowa — The Sheldon Chamber and Development Corporation had someone comandeer their email addresses sometime over the weekend.
Development Director Curt Strouth tells KIWA that some of the organization’s members received emails titled, “Proof of payment for Aug Invoice” that appeared to originate from an SCDC email address. The only problem is, the SCDC didn’t send it.
Wayne Barahona of Super Hi-Tech in Sheldon says he is busy today (Monday) working with the SCDC and the City to try and track down exactly what happened. He tells KIWA that, at least at this point, it appears to be what he called a “classic spoof.” He says somebody has been targetting domain names, such as cityofsheldon.com, and sending emails that appear to be coming from that domain, when in all actuality they are coming from a third party email.
Barahona says he has been in contact with the company that handles Iowa’s internet traffic, and thus far it doesn’t appear that the spoof originated here in Sheldon. He says the encouraging thing is that, at least at this point, it appears that the perpetrators have just been targeting domain names, and it doesn’t appear they have actually hacked into anybody’s computer or server.
There may be other domain names from this area that are being spoofed, as well, that have not yet been discovered.
So if you get an email from a cityofsheldon.com address, or any other email address, you should check with the owner of that email address, and make sure it was really THEM that sent you the email. DO NOT OPEN any attachments until you have made sure that the email is actually from a trusted sender, since opening an attachment could unleash a virus into your computer.
