A
report in the Wall Street Journal on October 26th described incidences of election officials within the U.S. at the local level being sent suspicious emails which appear to be purposefully targeting them due to their position within their states. According to the private alert which went out Friday, October 23rd which the WSJ is referring to, one of the emails appears to come from an election director and ask the officials who received the emails to click on a link for special two-factor authentication hardware. An additional email appears to come from people with disabilities who are asking about ways in which they would be able to vote from home.
While the Elections Infrastructure Information Sharing and Analysis Center, an information sharing group for election officials, said that none of the links appeared to be malicious or have any malicious attachments, as noted in
one of our previous blog posts, often links are redirected after the email has been sent so as to circumvent potential researchers or other groups who may be testing to see if the links in the emails are suspicious.
With more than 12,000 local election officials, the pool of potential victims is sizable, and considering their impact on the election, they are a vulnerable part of the US election process. A report from July by Area 1 Security which the
WSJ also wrote on found that over half of local election officials which they tracked were using email systems which provided limited protection from phishing attacks.
The EI-ISAC sends regular alerts and reminders to local election officials, which is run by the Center for Internet Security which received funding from the Department of Homeland Security. One of their members said that “Some states are reporting that they are seeing their locals [are] less aware of these threats.”
Beyond targeting election officials, the director of National Intelligence John Ratliffe, said that emails purported from being from far-right groups to intimidate Democratic voters in swing states came from Iran in an attempt to influence the election although the Iranian spokesperson for the United Nations denied such allegations.
With the election drawing near, the use of spoofed emails and phishing to influence the election are likely to continue as attackers often like to utilize current events as a way to target victims. As always, be sure to avoid clicking on links in emails, rather go to the known website before inputting any private information or credentials.