US presidential candidates face phishing threat in '08

Attacks could divert contributions to opponent's campaign, says researcher

Phishing attacks that harvest credit card numbers or divert online contributions to an opponent's campaign pose the most danger to the Web operations of 2008's presidential candidates, a security researcher said.

"The threat that poses the most danger now is what has posed the most danger in the past," said Oliver Friedrichs, the director of Symantec's security response team and a writer on electoral cybercrime. "Phishing is the most significant problem now, and it has the potential to disrupt campaigns or even competing campaigns."

Not only are candidates' campaign Web sites prime targets for phishers -- the criminals could create bogus sites posing as the real deal to harvest contributors' credit card and bank account numbers -- but they could be victimized by radical followers of their opponent. "A phishing site could impersonate [the site of] one candidate, say Hillary Clinton, but actually submit the donation to another candidate, Rudy Giuliani, for example," said Friedrichs. "It might be very unlikely that a campaign would do something like this, but it could be launched by individuals who already consider themselves criminals, or by radicalized voters."

Even though the dollar amounts of such a steal-from-Hillary-to-pay-Rudy attack might be small, Friedrichs thinks there would be substantial fallout. "The diversion of donations like that has the potential to undermine the confidence in the online donation concept," he said.

In 2004, only two phishing attacks were detected that exploited the presidential election, Friedrichs said, both against the Kerry-Edwards campaign. In one instance, phishers set up a fictitious site shortly after the Democratic National Convention to supposedly solicit donations, although the criminals' goal was to gather credit card numbers and other personal information. In the second, phishers set up a site asking contributors to phone a for-fee 1-900 number that charged callers US$1.99 a minute.

It's likely that the 2008 campaign will see a much larger number of election-oriented phishing campaigns. Phishing posed only a "marginal risk" in 2004, in part because the scam was small-scale compared to today but also because presidential campaigns had only begun to move online in search of contributions. Today phishers are more capable and candidates more dependent on the Internet.

"We've seen phishing against candidates in the past," said Friedrichs, "and we should expect to see it during this campaign."

One thing that could make phishers' crimes even easier is the large number of domains that are just a typo away from an actual candidate's campaign Web site, Friedrichs argued. Using specialized tools, Friedrichs generated possible typo domains -- "mitrromney.com" rather than the intended "mittromney.com", for example -- and analyzed domain registration records.

"Many of the typo domains were not registered by the candidates proactively," said Friedrichs. "Only one candidate [Mitt Romney] had registered a typo domain, and then only one domain. Every other candidate had not taken precautions."

Phishers could exploit typo domains, as well as what Friedrichs called "cousin" domains -- expanded versions of a candidate's actual domain, such as "presidentbarackobama.com" -- to trick contributors into clicking on links in e-mail messages.

But other kinds of profiteering is also not only possible with typo domains, but already in action, according to Friedrichs. Most typo domains, he said, are used to host ads, most often contextual ads. On some typo domains -- courtesy of ad syndicates or keyword purchasing -- the ads are in fact from the candidate whose domain has been abused. "The candidate is paying to have their ads displayed on the typo squatter's Web site. Candidate are paying for their own typo sites," said Friedrichs.

"Candidates and their campaigns are only beginning to understand the risks and have yet to take the necessary precautions in order to protect themselves," he concluded. "Our fear is that a true appreciation of the required countermeasures will not be realized until these attacks do in fact manifest themselves."

A draft of Friedrichs' chapter for the upcoming book Crimeware has been posted to Symantec's Web site, and includes sections on other threats to the electoral process, ranging from malicious code to Internet-based dirty tricks.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?