Hackers (copy) (copy)

Mount Pleasant was hit by an email phishing attack on Dec. 12, 2017. File/AP

MOUNT PLEASANT — The government of South Carolina's fourth-largest city was hit with an email phishing attack this week.

Town officials said no damage was done, and hackers did not get in to the computer network in Town Hall, but an employee was fooled by the malicious email.

Phishing emails, as they are known, appear to be from a sender known to the recipient. If the recipient clicks on a link or provides information, however, it can allow access to hackers.

In this case, a town employee was tricked and clicked on a malicious link and provided credentials for their email account.

As a result, the phishing email was then sent along from that employee's town email address to the employee's email contacts. A Post and Courier reporter was among those who then late Tuesday received, but did not fall for, the malicious email, with had a subject line "D/D #922."

"Despite our regular, mandatory IT security awareness training, a town employee was deceived by a sophisticated phishing attack," said Marcy Cotov, chief financial officer for the town. "At no time was the town’s network comprised.

"Only the individual’s email account, hosted by Microsoft Office 365, was affected using the stolen credentials," she said. "Steps were immediately taken to lock down the individual’s account to prevent the spread of more malicious emails."

Mount Pleasant was apparently not the only municipality, and South Carolina was not the only state, hit by the phishing email. On Thursday The Post and Courier received a similar email with the similar subject line "D/D #828" from a Hendersonville, Tenn., employee's account. The newspaper notified the city.

Both towns were hit with the phishing email around the end of the workday.

As with the Mount Pleasant email, the Hendersonville email purported to contain a contract and invoice, and included a link that said "review document" — a link that could lead to allowing hackers access to the recipient's email account and potentially a company's computer network.

"As scammers’ attacks continue to evolve so will the town’s security practices and awareness training," Cotov said.

Reach David Slade at 843-937-5552. Follow him on Twitter @DSladeNews.

Reach The Post and Courier Reporter David Slade at 843-937-5552. Follow him on Twitter @DSladeNews.