Application security, Incident Response, Malware, Phishing, TDR, Vulnerability Management

Webroot: Scammers spoofing presidential campaign websites

Presidential candidates Barack Obama and Ron Paul might not be leading in the latest New Hampshire primary or Iowa caucus polls, but they are the first to have their campaign websites copied in URL-spoofing attacks.

Anti-virus vendor Webroot Software said this month that the campaign websites of Obama, a Democratic senator from Illinois, and Paul, a Republican representative from the 14th Congressional District of Texas, have been spoofed as part of online scams.

The Denver-based vendor advised web users to cautiously gather information about candidates online, saying that similar scams will also take advantage of the popularity of other candidates.

“We initially saw these types of spoofs surrounding the Obama and Paul websites,” Mike Irwin, Webroot chief operating officer, said Thursday in a news release. “But we are finding that the spoofs intensify at the end of the month and will expect to see them intensifying as the candidate sites begin to see more traffic during the later phases of the campaign or during major fundraising drives.”

Victims found the fraudulent websites after misspelling candidates' names while using popular search engines, according to Webroot.

The sites lure visitors to donate money or click on links that download spyware or trojans onto PCs, according to Webroot.

The company recommended that home users keep PCs patched, increase browser security settings, download software from only trustworthy sites and use anti-virus protection and a firewall to prevent similar attacks.

Paul Piccard, Webroot director of threat research, told today that cyberattackers are aware of the growing popularity of online fundraising and “they're definitely following the money.”

“As [election-related] financial activity is increasing online, there's also an increase of malicious users, and there's an opportunity for them there,” he said.

Symantec researchers warned last month that hackers could affect next year's presidential election by using keyloggers, phishing messages or hacking.

Johannes Ullrich, SANS Institute chief research officer, told today that spoofing attacks targeted the website of U.S. Sen. Hillary Rodham Clinton, D-N.Y., herself a presidential candidate, when she first ran for office in 2000.

“[Spoofing is] something that we've seen in the past with company domain names as well, not just campaigns,” he said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.