Researchers at Malwarebytes warn of a surge in election-themed scams ahead of November’s presidential election in the US. These attacks can be expected to increase as the election grows closer.
“The lure that we have seen the most involves asking people to donate to a campaign,” Malwarebytes says.
“Whether that comes in by mail, text, phone call, or on social media, that money isn’t going to any of the candidates. If those scam campaigns aren’t directly after your money, they might well be phishing for personal information.
These phishers also use fake surveys pretending to be a volunteer for one of the political parties and will ask you for personal information directly or get on your nerves by engaging in discussions about controversial subjects.”
In order to avoid falling for a scam, people use a search engine to find the candidate’s official website before sending a donation.
“If you decide to sponsor a candidate, do not follow any links provided in text messages, emails, or on social media,” the researchers write. “Find the official site for your favorite candidate and follow the instructions there. If you use Google or any other search engine to find the official site, do not click on the links in the sponsored ads. We have found too many cases where these went to false sites.”
Malwarebytes also outlines the following best practices to help users thwart phishing attacks:
- Don’t open attachments
- Hover over the link(s) in the email. If they are different from the one that is displayed this is a red flag
- Don’t let any sense of urgency expressed in the email rush you into a hasty decision
- Check the sender’s email address to see if it is what you’re expecting. Note: these can be spoofed so this is not a guarantee, but anything that doesn’t look genuine definitely won’t be.
Article courtesy KnowBe4