Security News > 2022 > October > US election workers slammed with phishing, malware-stuffed emails
Election workers in US battleground states have been hit by a surge in phishing and malware-laced emails in the run up to their primaries and the upcoming 2022 midterm elections.
That's according to Trellix security researchers, who said malicious emails sent to Arizona county election workers rose 78 percent, from 617 to 1,101, between the first and second quarter of the year, ahead of the state's August 2 primary.
County-level workers managing election infrastructure are assumed to be "Relatively the least sophisticated" of election organizers when it comes to cybersecurity defenses, hence the need to take a look at the threats and risks they face today, Team Trellix argued.
The security outfit said it has found no evidence of compromised election systems in any US state or county, and it has not yet attributed the phishing emails to a particular cybercrime gang or nation state.
Trellix's latest research comes just days after two joint alerts from the FBI and Homeland Security's CISA warned of phishing emails targeting election workers [PDF] and said foreign agents will likely try to spread disinformation in the lead up to and after the midterms.
"As with previous election cycles, foreign actors continue to knowingly spread false narratives about election infrastructure to promote social discord and distrust in US democratic processes and institutions, and may include attempts to incite violence," the Feds noted [PDF].
News URL
https://go.theregister.com/feed/www.theregister.com/2022/10/12/us_election_workers_phishing/
Related news
- Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast (source)
- US organizations targeted with emails delivering NetSupport RAT (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- Google now blocks spoofed emails for better phishing protection (source)
- New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware (source)
- Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)
- The rising influence of AI on the 2024 US election (source)
- US Post Office phishing sites get as much traffic as the real one (source)
- Millions of Docker repos found pushing malware, phishing sites (source)