Email Security Intelligence - FBI: The 2020 Presidential Election Is Under Attack by Email Scammers

Phishing continues to be the primary cyber threat, undermining the security and integrity of the upcoming presidential election. As tensions surrounding the 2024 presidential election reach new heights, cyber thieves are utilizing this environment to launch dangerous phishing attacks to steal sensitive credentials and significant sums of money.

The FBI and CISA have warned about the rise of cybercriminals and malicious foreign actors leveraging spoofed domains and email accounts to disseminate false information, collect personal information, and spread malware, resulting in compromises and potential financial losses.

The devastating impact of spear phishing during the 2016 presidential election should have served as a much-needed wake-up call for organizations. However, many continue to rely on outdated defense measures such as signature-based antivirus software, spam filters, and built-in cloud email protection, which must be improved to combat emerging attacks. Shockingly, the FBI reports that despite these protections, 30% of phishing attempts are still opened by target users. More must be done to fortify email accounts against phishing and spoofing attacks, particularly during this heightened risk.

The Current State of Election Security: Misinformation and Disinformation

Misinformation and disinformation campaigns are thriving in this polarized and pivotal election season. Phishers are posing as fundraisers, pollsters, and candidates, employing sophisticated social engineering attacks to gain voters' trust and obtain personal information that can be used for fraudulent wire transfers. These attacks capitalize on the chaos and confusion surrounding the 2024 presidential election, where cyber thieves leverage fake campaign finance emails or voter registration scams to trick individuals into sending "donations" to rogue bank accounts.

One notable phishing scam in Arizona involves a voter registration "error" campaign where recipients are informed of incomplete registration applications. The attackers deceive victims into sharing sensitive information such as Social Security numbers, driver's license data, and other personal details. The fraudulent emails appear to originate from the U.S. Election Assistance Commission and direct recipients to a spoofed website designed to extract personal data.

Political campaigns are also being impersonated, with scammers asking recipients to donate money or volunteer their time. For instance, Guardian Digital identified election-themed scam attempts that used Emotet spear phishing emails pretending to be from the Democratic National Committee, which attempted to recruit volunteers. These fraudulent emails contained Word Document attachments labeled "Team Blue Take Action," which infected victims' systems with Emotet malware upon download. It is worth mentioning that before the 2020 election season, the malware's operator, TA542, had not explicitly leveraged political themes in their attacks.

Moreover, fake political websites that aim to steal personal and financial data are becoming more prevalent. These fraudulent websites often encourage users to sign up or request donations, cleverly utilizing spoofed domains that appear legitimate. Scammers frequently lead unsuspecting individuals to these websites through phishing campaigns that employ malicious URLs.

What Cybersecurity Threats Exist Leading Up to the 2024 Election?

Foreign Threats

Cybersecurity experts and officials have warned about the potential for foreign interference in the upcoming election. Russia and other foreign adversaries are seen as the biggest threats to the election's security. These adversaries can launch various attacks, including hacking, disinformation campaigns, and voter rolls and results tampering. The decentralized structure of the U.S. election system poses a vulnerability that foreign actors can exploit. As a result, strong measures need to be taken to protect against these threats and ensure the integrity of the election process.

In recent years, there has been increasing evidence of foreign entities attempting to interfere in democratic processes worldwide. With the upcoming election, foreign adversaries may aim to sow discord, undermine confidence in the electoral system, or influence the outcome. Government agencies and election officials must collaborate closely, share threat intelligence, and implement proactive measures to detect and thwart any attempts at foreign interference. Additionally, public awareness campaigns highlighting the risks and educating voters about potential disinformation efforts can help bolster the resilience of the election process.

Election System Vulnerabilities

The U.S. election system's decentralized nature presents vulnerabilities that adversaries can target. Hacking attempts, disinformation campaigns, and manipulation of voter rolls or results are just a few of the potential threats that can undermine the integrity of the election. Efforts are being made to strengthen the security of election systems and increase resilience against attacks. Implementing robust cybersecurity measures, conducting regular audits, and maintaining an open line of communication with federal agencies to address emerging vulnerabilities is crucial.

While efforts are being made to enhance the security of the U.S. election system, vulnerabilities still exist that could be exploited by malicious actors. These vulnerabilities range from outdated software and hardware to inadequate training and resources for election officials. Addressing these vulnerabilities requires a multi-layered approach that includes sufficient funding, regular security assessments, and investments in robust cybersecurity infrastructure. By focusing on fortifying the foundations of the election system, potential avenues for exploitation can be minimized, ensuring a more secure and trustworthy electoral process.

Artificial Intelligence and the Disinformation Challenge:

The rise of Artificial Intelligence (AI) poses a significant challenge in combating disinformation campaigns during the election season. Malicious actors can employ AI to generate targeted and convincing fake emails that appear genuine. These disinformation campaigns can have real-world consequences, leading to confusion, distrust, and potential manipulation of voter opinions. Developing effective countermeasures to identify and counteract AI-generated disinformation is an ongoing challenge that requires a multi-faceted approach, including advanced AI analysis and human oversight.

As advancements in AI technology continue, its potential to amplify the dissemination of disinformation becomes more concerning. Deepfake videos, AI-generated text, and highly persuasive automated narratives can be utilized to spread and manipulate information. Combatting AI-driven disinformation requires ongoing research, collaboration among tech companies, and the development of AI-powered detection and countermeasure systems. Additionally, promoting media literacy and critical thinking skills can empower individuals to discern and resist manipulation attempts, maintaining the integrity of the information ecosystem during the election period.

Threats of Violence and Cybersecurity Concerns

Alongside the cybersecurity challenges, federal officials and cybersecurity experts have raised concerns about threats of violence surrounding the election. Domestic extremist groups and lone actors pose particular risks and are considered a significant threat to American democracy. Cyberattacks can facilitate attempts to disrupt and sow chaos, further exacerbating the safety and security concerns around the election. Heightened vigilance, robust security measures, and coordinated efforts between law enforcement agencies and cybersecurity professionals are necessary to mitigate these threats and safeguard individuals' safety during the election season.

The increase in politically motivated violence and threats during elections has posed significant cybersecurity concerns. Online platforms can serve as breeding grounds for hate speech, extremist ideologies, and the coordination of violent actions. Law enforcement agencies, intelligence organizations, and social media platforms must work together to promptly identify and mitigate these threats. Implementing measures such as robust content moderation algorithms, enhanced information sharing, and real-time monitoring can reduce the potential for violence and protect public safety throughout the election process.

The Logical Solution: Strengthening Cloud Email Security

To safeguard email accounts against spear phishing, ransomware, and other malicious attacks that threaten election security, organizations must implement comprehensive email protection measures to counter existing and emerging threats.

Given the sophistication of modern email attacks, a defense-in-depth approach is crucial. In today's digital threat landscape, more than relying on a single security solution is required. An effective email security strategy should incorporate multiple layers of advanced technologies and protocols designed to detect and respond to various threats. Considering that targeted phishing remains a serious threat to election security, it is essential to implement malicious URL protection and email authentication protocols as part of an all-in-one email security solution.

Organizations can significantly benefit from fully managed vCISO email security services. These services simplify administration, enhance security, and free up valuable time that can be dedicated to other important matters.

In addition to implementing robust email defenses, here are some tips and best practices to stay safe online during this election season:

• Avoid opening emails from unknown senders. If you receive an email related to a campaign, consider visiting the official website to make donations or gather information.

• Seek information from trustworthy sources and verify the content's origin and intent.

• Pay attention to spelling and grammar errors in political emails, which can indicate phishing attempts.

• Review the spelling of any URL you visit carefully, as scammers often deploy malicious URLs in phishing campaigns.

• Avoid enabling macros on documents downloaded from an email unless necessary.

• Use robust two-factor authentication (2FA) to protect online accounts.

• Keep operating systems and applications updated and remove unnecessary software applications.

Keep Learning About Fortifying Business Email Heading into Election Season

Guardian Digital CEO Dave Wreski emphasizes the urgency of prioritizing email security to secure the upcoming election, protect voting rights, and uphold democracy. Wreski advises, “By adopting layered, threat-ready cloud email defenses, organizations can effectively mitigate risks and ensure fair and secure polls.”

• Learn more about fully-supported cloud email security solutions that safeguard your email throughout the 2024 election and beyond. 
• Stay informed and continue learning by subscribing to our weekly Behind the Shield newsletter.
• Learn more about the evolving cyber risks your company faces and how to combat them.