DEFENSESTORM BLOG

Election Scams

Wednesday, January 17th, 2024

VIEW ALL INSIGHTS

DefenseStorm

With election season beginning to ramp up, it’s important to be aware and prepared for the barrage of phishing, smishing, vishing, and other “ishing” scams and campaigns that are sure to follow. Just this weekend, I received multiple texts related to voting and polling, so let’s explore a few of the common scams and tactics that bad actors will try to leverage to obtain your personal information.

With election season beginning to ramp up, it’s important to be aware and prepared for the barrage of phishing, smishing, vishing, and other “ishing” scams and campaigns that are sure to follow. Just this weekend, I received multiple texts related to voting and polling, so let’s explore a few of the common scams and tactics that bad actors will try to leverage to obtain your personal information.

Fake Voter Surveys or Polls

Election season will always bring numerous, legit organizations and campaigns calling and polling voters to learn what issues and problems candidates should focus on. However, we also know that bad actors will use these to obtain as much personal information about individuals as possible.  Some will offer the lure of monetary compensation and gifts to participants. If you choose to participate in one of these polls, be sure not to provide too much personal information.  Some demographic information is normal, like age and race and which political party you identify with, but providing much more than that should be a red flag. Also, if you get texts and emails with links to click on to participate in polls, I highly suggest you investigate the entities contacting you before clicking on ANYTHING! Remember, surveys shouldn’t require your social security or credit card number to participate.

Political Donation Scams

No surprise on this one. Bad guys will often impersonate campaign workers and attempt to solicit funds from victims on behalf of their “candidate”.  This may come in the form of a phone call, email, text, or maybe even showing up at your house in person. Always do your research on any organization asking for money.  Never click on links or respond to messages you are unsure where they originated from. These can often lead to malicious software and applications being installed on your devices.  If you are ever unsure but want to donate, it is probably best to find and go through the candidate’s official campaign page.

Voter Registration Scams

Anyone contacting you by any means saying you are not registered to vote or need to register should raise a red flag. Bad actors will try to get victims to click on a link and submit personal information to “register” to vote. Often, not only will these links lead to fake pages for you to enter your information to be stolen, but they are also usually laced with malware. If you receive any form of communication asking you to confirm your voter registration information or register to vote, or if your registration has expired, please contact your local voter registration office and go through them.

These are just a few scams that we often see repeated year after year, and this year, they seem to be coming earlier and with more frequency. With anything of this nature, following the suggestions below can help you better prepare and protect your organization and employees.

  • Educate users in your organization about political phishing campaigns
  • Continued internal training for phishing and social engineering campaigns
  • Enforce or enable multi-factor authentication
  • Maintain and enforce a strong password policy
  • Keep all systems up to date and patched for the known latest vulnerabilities
  • Block threat indicators at their respective controls
  • Backup critical data regularly
  • Have a recovery plan
  • Use app hardening
  • Restrict administrative access

DefenseStorm is committed to providing the latest and most critical information about cybersecurity threats, scams, and developments. Follow us on LinkedIn or check our resources page regularly for more essential news and insights.

James Bruhl

James Bruhl

Director of Cyber Threat Intelligence

James Bruhl is the Director of Cyber Threat Intelligence for DefenseStorm. He joined the company with 15 years of experience as a law enforcement officer, bringing extensive experience in crime prevention, evidence collection, investigative techniques, and crisis management. Driven by a passion for technological advancements and the ever-evolving landscape of digital threats, he transitioned to the field of digital forensics, incident response, and cybersecurity. In his role, he honed his skills in analyzing digital evidence, identifying cyber threats, and implementing robust security measures specializing in forensic examinations on various devices to uncover critical information and support investigations. James began at DefenseStorm as a security engineer in 2020 and developed DefenseStorm’s EDR Service. He was then appointed as Director of Cyber Threat Intelligence in 2022 and is responsible for nearly all facets of the EDR service. During his cyber career, James has been instrumental in proactively detecting and responding to cyber incidents and plays a vital role in incident response teams, coordination efforts to mitigate the impact of breaches, vulnerability identification, and strategy implementation to prevent future attacks. He continues to share his expertise by conducting training sessions, participating in conferences, and writing articles on topics related to digital forensics, incident response, and cybersecurity. James holds a bachelor’s in criminal justice from the University of North Georgia and a GCFE certification.