Pre-election political spam strikes email users

Tuesday's election had one negative impact on citizens before the first ballot was even cast - a deluge of political spam messages flowing into users' inboxes.

Hundreds of thousands of email users received unsolicited messages from Democratic and Republican candidates in the days leading up to the historic Nov. 7 poll, according to researchers at Sophos.

The election saw Democrats taking back the U.S. House of Representatives and Senate from Republicans.

Information security experts said this week that Democratic control could have a positive effect on IT security-related legislation in Congress, but they also had doubts about the accuracy of electronic voting.

While political spam poses little security threat to users, it can overwhelm systems used to block unwanted email, according to Sophos.

Ron O'Brien, senior security analyst at Sophos, told SCMagazine.com today that political spam is not regulated by the federal CAN-SPAM Act.

"These numbers are staggering. We are seeing numbers in the thousands, just in our (lab). So I would say that majority of users are receiving some sort of unsolicited political news," he said. "And the reality is that (political spam is) exempt from the CAN-SPAM Act. But I think it's time we revisit that."

O'Brien added that political spammers are using IP addresses not known for sending spam.

"They're obviously sending from an address that's a non-spamming address," he said. "So more than likely, it's going to get into your inbox."