Ahead of U.S. election, email attack mimics Democratic pitches for volunteers


Cybercriminals sent tens of thousands of malicious email attacks yesterday asking recipients to volunteer for the Democratic Party ahead of the November U.S. election, according to cybersecurity researchers at Proofpoint.

The emails borrow language from the website of the Democratic National Committee and seek to leverage interest in the U.S. presidential election following the first televised debate Tuesday between Republican President Donald Trump and Democratic contender Joe Biden.

The over 30,000 emails were designed to deliver the Emotet malware, and show cybercriminals using lures aiming to entice recipients to click.  The full details of the findings are online here: https://www.proofpoint.com/us/blog/threat-insight/emotet-makes-timely-adoption-political-and-elections-lures.

Sherrod DeGrippo, Senior Director of Threat Research and Detection at Proofpoint had the following to say  :

“Today Proofpoint prevented thousands of malicious emails from hitting unsuspecting voters nationwide—and it’s essential that everyone is aware that threat actors are actively working to impersonate trusted sources this election season.

Emotet is one of the world’s most disruptive threats and their quick use of DNC-themed emails following this week’s presidential debate demonstrates just how swiftly threat actors can tailor their email lures to focus on prominent events. To avoid impersonation attempts this election cycle, approach all unsolicited emails with extreme caution especially if they ask you to take urgent action. Do not open email attachments or click on emailed links and be sure to deeply examine any and all digital communication surrounding the election to verify authenticity and reduce risk.”