The 2024 United States presidential election is fast approaching, and malicious actors are taking advantage of the attention and activity surrounding the election season to perpetrate their scams.
Fortinet recently released its FortiGuard Labs Threat Intelligence Report: Threat Acting Targeting the US Presidential Election 2024 US, which presents and analyzes the threats identified from January 2024 to August 2024 related to US-based organizations, voters, and the electoral process. . Researchers have identified phishing scams, malicious domain registration, and other threatening activities that may affect the credibility and trustworthiness of the electoral process and the well-being of participating citizens.
Understanding the growing threats and risks helps business leaders, citizens, and election officials comply with policies and adopt technologies that prevent and mitigate malicious cyber incidents during the election season and beyond.
Phishing scams and fake websites targeting voters
Phishing is among the most common forms of cyberattack today. Cybercriminals use artificial intelligence (AI) to accelerate, scale, and increase the credibility of their scams, which increases this threat.
FortiGuard Labs’ research team has identified malicious actors selling phishing services created to impersonate US presidential candidates and their campaigns on the darknet for as little as $1,260 each. These kits target voters and donors, harvesting personal information such as names, addresses, and credit card information in donation scams.
People are the first line of defense in cybersecurity. To avoid becoming a victim of phishing attacks, it is important that business and technology leaders conduct training sessions that raise awareness of common phishing tactics and other scams. Nearly 70% of respondents to Fortinet’s 2024 Security Awareness and Training Global Research Report believe their employees lack relevant cybersecurity knowledge, up from 56% in 2023. Ongoing training measures should provide guidance on recognizing phishing emails, avoiding suspicious links and attachments, and reporting potential threats. phishing attempts.
In addition to phishing kits impersonating US presidential candidates and their campaigns, since January 2024, FortiGuard Labs researchers have identified more than 1,000 newly registered domain names that include election-related terms and references to prominent political figures. This underscores the importance of being vigilant about suspicious behavior or activity leading up to major events and prioritizing good hygiene online.
Human error will always pose a challenge, as even the most trained employees can fall victim to phishing attacks and other scams. Installing antivirus and anti-malware software on computers adds an extra layer of protection, especially against phishing attacks and identity theft.
Threat actors are selling sensitive data on the darknet
The darknet has become a hotbed of US-specific threats, where malicious actors trade sensitive information and often develop exploit strategies. About 3% of posts on these darknet forums include information related to business and government organizations. These databases hold important organizational data that is vulnerable to cyber-exploitation and a prime target for terrorist actors during elections.
FortiGuard Labs’ analysis revealed a large amount of various information available on darknet platforms targeting the US, including Social Security numbers, usernames, email addresses, passwords, credit card data, dates of birth, and other potentially personally identifiable information used to challenge the integrity of the 2024 US election. For example, billions of records can be used in disinformation campaigns, which can lead to fraudulent activities, phishing scams, and account takeovers.
More than 1.3 billion rows of combination lists – including usernames, email addresses, and passwords – show a high risk of data entry attacks. In this attack, hackers use stolen credentials to gain unauthorized access to accounts. Enforcing multi-factor authentication and a strong password policy helps businesses and consumers protect against data and identity theft.
In addition, organizations should use a security orchestration, automation, and response platform, which can detect unusual activities by special users and, if necessary, block such activities. Keeping complete and current data backups is essential with the rise of ransomware attacks. However, not all backup strategies are created equal. For example, technology leaders should not rely solely on online backups and should avoid using the same passwords for production and backup environments. It is recommended that you keep the cloud backup in an off-site location. Additionally, all backups must be encrypted and must have access controls set.
Protecting and mitigating cyber attacks in a dangerous digital environment
Cybersecurity measures are essential to protect the integrity of the 2024 US presidential election and protect the public. Business leaders and citizens must protect against potential attacks, take proactive measures, and remain vigilant during this critical time.
Source link