News about election-time scammers stirs anew as the United States election draws near. Over the past months, experts have observed an increase in phishing activities tricking voters to fill out fake registration forms, said ZDNet.
Malicious parties such as spam groups have been boosting their campaigns by sending emails to potential victims with links to fake government websites. These sites ask users to “register” for the upcoming elections, allowing attackers to get their personal information.
Aside from info needed for election registrations, some groups have been daring to request banking details, email passwords, and car registration info.
The scams have been rampant since September, with an increase in activities a few weeks before the election.
Email security firm KnowBe4 has previously issued a warning telling voters to be wary of fake sites. The Proofpoint Threat Research Team has also added its voice in alerting the public against these scams.
According to the two security firms, malicious parties are posing as the US Election Assistance Commission (EAC), which is in charge of releasing guidelines for registrations.
ZDNet explained that these phishing emails use headlines such as “voter registration application details couldn't be confirmed” and “your county clerk couldn't confirm voter registration.“
As per the report, these lines “are simple and play on the fear of US citizens that their voter registration requests might have failed.”
The investigation conducted by Proofpoint revealed that the sites are typically hosted on hacked WordPress websites, giving a noticeable indicator that it is fake due to the incorrect URLs.
However, should users fail to observe this, they are bound to compromise their information such as name, date of birth, mailing address, email address, social security number, and driver’s license info.
KnowBe4 and Proofpoint both say that the groups use basic templates to spoof the sites. They usually use the same colors and EAC logo to mimic the appearance of legit websites.
With only a few weeks before the election, Proofpoint observed a change in the spammers’ tactics. Aside from the abovementioned details, they are now requesting more sensitive information.n
They ask users to provide vehicle license numbers, bank names, account numbers, routing numbers to supposedly claim their “stimulus,” and banking username and passwords.
With these, the research team concluded that a well-established group is behind these attacks that have been running phishing campaigns throughout the year using the pandemic as cover.
