Awareness : Security Awareness Tips

Watch Out for Email Spam and Scams Targeting the Presidential Election

As the countdown to the U.S. presidential election approaches, be aware of the numerous email spam campaigns using the election as a social engineering mechanism to install malicious software on your computer.

One example is an email circulating with false news of a sex scandal affecting one of the candidates. Recipients of the email are encouraged to view a video supposedly involving one of the candidates. Users who click the link are shown a pornographic video. While the video plays, malicious software is installed on the viewer’s computer which allows the attacker to scan the computer for existing vulnerabilities and exploit such weaknesses if it is not adequately protected. This is but one example.

Other examples include amusing “games” allowing you to choose or express support for your candidate. Some of these “games” are innocent, but many are not. These are all clever plays on your emotions. Do not facilitate such activity by forwarding these emails.

Attackers often use major events such as the elections, disasters, sporting events, etc., to catch people off guard and encourage them to click on links to download hostile software. Once they have control of your computer, they can steal your personally identifiable information, access your critical accounts, or commit identity theft. To help protect yourself, you should never click on links in email from unknown sources. The link may look like a genuine site, for example USAToday.com, cnn.com, yahoo.com etc., but in reality, it could take you to a hostile site that just looks like those real sites.

For the example above, if you wanted to verify the validity of the story and your favorite news source is Yahoo, go directly by typing yahoo.com into your browser. Please substitute your favorite news source. If there is a genuine story involving one of the candidates, it will be posted on the major news sites. See the additional tips below:

  • Have antivirus and antispyware software installed
  • Update such software at least once per week
  • Check for and install operating system and application patches from Microsoft, Apple, Adobe etc on a frequent basis
  • Use the latest versions of your favorite browser (Internet Explorer, Firefox, Safari) etc.

Consult your IT support group for assistance with your work computers, but you should also take steps to protect your home PCs as well.

Posted: October 10, 2008