San Juan planning staff warns residents of sophisticated phishing campaign

San Juan County planning staff alerted residents on Feb. 12 to a targeted phishing campaign that has impersonated county email addresses and sent invoices asking for wire transfers.

Corey Coleman, planning staff, told the Planning Commission the fraudsters are “really good at taking these meetings right here” and appear to be running meeting audio through AI to create credible-looking messages. He said scammers have sent transfer requests for amounts such as $1,200 and that county employees will never ask for wire transfers. Coleman urged anyone who receives a suspicious email to mark it as spam with Microsoft or Gmail and to notify county IT and the sheriff’s office so the messages can be escalated and shut down.

Coleman showed a spoofed example that used an address like planning.sanjuancountyutgov (missing a period before gov) and contrasted it with the county’s legitimate sanjuancountyut.gov address. He said the county has posted notice through the sheriff’s office Facebook page and asked the commission to help publicize the warning through local media.

The commission supported broad outreach. One commissioner said the issue was “very sophisticated” and recommended contacting the San Juan Record to ensure the public is widely informed. Coleman said staff will continue to investigate incoming reports and work with IT and law enforcement on takedown efforts.

The commission did not vote on any action; staff asked citizens to forward suspicious messages and to press the spam button in their email clients to prompt provider investigation.