Editor's PickFinanceInvestingAhead of U.S. election, malicious email campaign mimics Democratic pitches for volunteers

1 year ago106 min
imagePolitics7 hours ago (Oct 01, 2020 09:05PM ET)

(C) Reuters

By Joseph Menn

SAN FRANCISCO (Reuters) – Tens of thousands of emails sent on Thursday that asked recipients to volunteer for the Democratic Party ahead of the November U.S. election actually came from email scammers and carry malicious software, according to researchers at cybersecurity firm Proofpoint (NASDAQ:PFPT).

The emails borrow language from the website of the Democratic National Committee and seek to leverage interest in the U.S. presidential election following the first televised debate Tuesday between Republican President Donald Trump and Democratic contender Joe Biden, said Sherrod DeGrippo, senior director of threat research at Proofpoint.

The Word document attached to the spam contains miniature programs known as macros that, if enabled by the recipient, install a password-stealing program known as Emotet, DeGrippo said.

“We know that attackers will use themes and current events in the hopes of compromising people,” DNC spokesman Chris Meagher said. “The DNC takes cybersecurity seriously and encourages everyone to be vigilant when opening emails and attachments to protect themselves.”

The emails come less than five weeks before the Nov. 3 election.

Some 30,000 emails had been sent with the DNC theme by early evening on the East Coast, the Proofpoint researchers said.

The emails appear with different sender names and subject lines, but all assert in the text that they are sent on behalf of the DNC and ask for volunteers, declaring: “the way we win is by organizing.”

The attachment is sometimes titled “Team Blue Take Action,” according to an email intercepted by Proofpoint.

DeGrippo said she believes the email senders are motivated by money, not politics. “They want to get the most clicks.”

Emotet steals financial passwords and usually installs other malicious programs that can be controlled remotely, among other things enabling ransomware, DeGrippo said.

Ahead of U.S. election, malicious email campaign mimics Democratic pitches for volunteers

Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.

Leave a Reply

Your email address will not be published. Required fields are marked *