Scammers are sending mass emails making false, dramatic claims about the election to mislead people and steal their information
Summary List Placement
The FBI issued a warning last month for Americans to stay on the lookout for fake voting websites and emails that were set up by cybercriminals to spread misinformation and confuse people around the US presidential election. While the FBI didn't disclose specific fake websites, cybersecurity researchers have identified examples of the scam in action — and scam sightings have continued as votes are being counted. Some fake sites aim to mislead voters to influence the election, while others used interest around voting and the election to steal people's passwords. They imitated official election sites but use slightly altered spellings, like changing one letter in the word "election" to trick people into trusting them. Other versions of the scam used similar tactics to send people emails from spoofed addresses that appear to come from election officials, baiting them with emails that purport to contain information about voting in order to get people to click on malicious links. Some emails have been sent in the wake of the election, BleepingComputer reported, claiming to include file attachments with information about "election interference." Recipients are told they need to log into a secure page to see the files, unwittingly handing over their login credentials to scammers. Fake websites are run by scammers and "foreign actors," according to the FBI's announcement, but the agency did not specify which entities may be behind the sites. In one scam identified by cybersecurity firm Zix, criminals used email listserv tools to send thousands of people emails posing as voting officials and encouraged recipients to register to vote. From there, victims were linked to a website designed to look like a voter registration form that tricked them into disclosing personal information. Two other scams identified by security firms Proofpoint and KnowBe4 used fake email addresses to tell people that there was an error with their voter registration, or issues with mail-in ballots in order to collect people's data like date of birth, social security number, banking information, and driver's license data. The tactics are an example of phishing scams in which hackers pose as trusted sources to get people to hand over their information. People lost more than $57.8 million in 2019 as the result of phishing, according to the FBI, with over 114,000 victims targeted in the US. To avoid falling victim to scams, the FBI recommends that people double-check the source of voting information with the Election Assistance Commission and avoid downloading documents sent from unfamiliar email addresses.Join the conversation about this story » NOW WATCH: Why NASA won't send humans to Venus
More like this (3)
Photo: Tetiana Yurchenko (Shutterstock)The IRS has issued a warning about a phishing scam that targets college...Photo: Tetiana Yurchenko (Shutterstock)The IRS has issued a warning about a phishing scam that targets college staff and students, particularly those with “.edu” extensions in their email. The scam uses phony IRS email templates to fool people into providing their personal information to claim a “tax refund.”What to...
Both the Better Business Bureau and the FBI are warning people about romance scams, which are...Both the Better Business Bureau and the FBI are warning people about romance scams, which are expected to remain an elevated threat leading up to Valentine’s Day. This type of scam has been made worse during the pandemic, as cases have spiked by 18% in the last year, according to the FBI. Here’s what you need to know. Read more...
Google’s Safe Browsing program protects a lot of people from phishing, malware, and other harmful sites....Google’s Safe Browsing program protects a lot of people from phishing, malware, and other harmful sites. In fact, it’s so pervasive that it’s not just used by Chrome. Google has managed to get competing browsers, Safari and Firefox, to use it as well. The list of websites blacklisted though is all maintained by Goog...