Email Phishing Scam Falsely Using County of San Diego Logo 

Alert for San Diego Agricultural Operations:

The County of San Diego is aware that agricultural operations have received emails from sources pretending to be the County. These emails, referred to as phishing emails, have been sent using the following information:

Phishing is a common type of cyber attack that targets individuals through email or text messages to attempt to acquire sensitive data, such as email passwords. These messages are often designed to look like they come from a trusted person or organization, to get recipients to open malicious links, or enter information on malicious websites.

The recent emails contain the County of San Diego logo to make the sender appear valid. Each email asks the recipient to confirm information, click on a button or link, and/or to enter sensitive information in a location that the fake senders provide. The emails also threaten to suspend or revoke the operation’s license, which some readers may believe refers to their operator identification. However, it does not.

The emails were not sent by the County of San Diego – Agricultural operations should not respond to them, click on any links in them, or send sensitive personal or business information.

As a reminder, emails sent by the County of San Diego Department of Agriculture, Weights & Measures are from the “sdcounty@service.govdelivery.com” email domain using the GovDelivery email software.

To verify email authenticity, look at the information included between the carats (< sample >) or brackets [sample.email@domain.com] shown next to the sender’s name. It is possible for the sender to falsely use “admin@sandiegocounty.gov” in its name. However, it is not possible for a non-County government entity to show its email domain (the information between the carats or brackets) as “sandiegocounty.gov.”

When reviewing emails for authenticity, look for the following queues to help identify phishing emails:

  • Includes suspicious sender’s address that may imitate a legitimate business or government entity.
  • Demands you take urgent action.
  • Offers generic greetings and signature. Excludes contact information from the signature block.
  • Spoofs hyperlinks and websites in body text that does not match the URL text shown when hovering over links.
  • Contains spelling errors, poor grammar, or poor sentence structure. Uses inconsistent formatting.
  • Includes suspicious attachments with requests for you to download and open the attachment.

If you are an agricultural operator and receive an email that claims to be from the County of San Diego and you are concerned about its authenticity, you may contact sdcawm@sdcounty.ca.gov or 858-694-2739 to verify the email’s validity.

If you received such an email and have already clicked on the link or provided sensitive information, we encourage you to report it to your organization’s information technology department, reset your passwords, and scan your computer/device for malicious viruses/malware.