Online Cyber Crooks Targeting Elections 2008
As the elections are approaching in the US and the candidates have started using Internet to interact with voters, online fraudsters have also begun using political campaign to generate ill-gotten profits.
Director of Emerging Technologies in Symantec's Security Response Team, Oliver Friedrichs said in a presentation at the Black Hat security conference in Las Vegas that hackers are using methods like phishing and typo squatting to lead masses to fake election sites to extract campaign donation from innocent users.
Also, hackers are e-mailing users as representative of their area's election board. They ask users of their credit card number or social security number to check their eligibility for voting.
The security experts claimed that although online fraud is as old as the democracy itself, the emergence of e-mail, voter sites, online donations and campaign to candidates have made the political procedure more vulnerable to new frauds.
Oliver also stated that some of these things have proved quite simple for hacker to provoke. Nowadays, campaigns have not developed much to safeguard themselves from these kinds of attacks, as reported by redOrbit on August 11, 2008.
These fraud mails are not new occurrences for security researchers. Further, in the 2004 elections, candidates solicited donations through e-mail and John Kerry- Senator- grabbed around $82 Million through online donations during the campaign.
Further, Oliver suggested that campaigns could secure themselves by using techniques like SPF (Sender Policy Framework) and Sender ID, which are made to restrict hacking by allowing administrators to mention receiving e-mail servers, a series of addresses that can send mail from a domain of a candidate, as reported by ChannelWeb on August 7, 2008.
Also, the FTC (Federal Trade Commission) steps in and caution users that the organizations carrying out authentic voter registration will contact personally or will provide a voter registration form to be filled. They will never ask the user of their financial data, as reported by kvew on August 11, 2008.
Further, the FTC added that users could contact the elections office at their county courthouse to know more about their requirements.
Related article: Online Card Fraud Shows Greater Tendency Than Chip and Pin
» SPAMfighter News - 26-08-2008