Online Fraudsters Targeting Election 2008

In a presentation at the Black Hat security conference in Las Vegas, Oliver Friedrichs, director of emerging technologies in Symantec's Security Response team, explained how fraudsters are using tactics like typo-squatting and phishing to drive traffic to phony election Websites and collect campaign donations from unwitting voters.

Candidates began soliciting donations via email during the 2004 election, and Senator John Kerry pulled in a whopping $82 million in online donations during his campaign.

But in 2008, email has become a far more powerful fundraising vehicle. Senator Barack Obama has thus far raised $350 million in campaign funds, and between 80 and 90 percent of this sum came from online donations, according to Friedrichs.

As more candidates have created Websites, more scammers have been registering domain names with common misspellings, a practice known as typo-squatting, and then directing that traffic to Websites filled with advertisements, or spoof Websites aimed at poking fun at the candidate.

Friedrichs showed attendees a couple of examples of spoofed Websites, including, a now defunct Website that included claims that former Massachusetts Governor Mitt Romney enjoys torturing small animals, and, which shows former Democratic presidential candidate Hillary Clinton dressed up in Star Trek gear.

But typo-squatters are also able to re-direct email traffic and intercept email for a particular candidate's campaign, which is far more of a concern than re-directing URLs to spoofed Websites, Friedrichs said.

Profit-motivated phishing, a particularly slimy tactic that often appears in the wake of natural disasters, is on the rise as Election 2008 approaches. And since all candidates are accepting donations online through their Websites, it's basically inevitable that some users will be duped by the scammers, noted Friedrichs.

However, campaigns can protect themselves by using tools like Sender ID and Sender Policy Framework (SPF), which are designed to stop spoofing by allowing administrators to specify to receiving mail servers a list of addresses that can send mail from a candidate's domain, Friedrichs said.