Security News > 2020 > October > US elections are still vulnerable to email spoofing
An election security report released by Valimail exposed some significant issues with email security which could have the potential to disrupt the 2020 elections.
Just 7% of the largest counties' domains are protected, an increase of just 2 percentage points from 2019.Only one of the eight election systems manufacturers certified by the US government is protected from email spoofing.
Valimail issued a press release stating, "You often hear of email phishing within the corporate world-when business email compromise or related attacks result in loss of funds or proprietary data-but the threat within the US election infrastructure is unique," said Alexander García-Tobar, CEO and co-founder of Valimail.
These emails entail the use of spoofing, whereby valid email addresses or domains are used in the From or Rcpt To fields of an email message.
An SPF record can confirm the legitimate IP address(es) of the sending email server so that recipients receiving email from illegitimate IP addresses can discard these items.