Scammers Pose as Political Activists to Play on Partisan Divide

Hackers are exploiting the partisan divide in the US to lure Americans into clicking on phishing emails, according to new research.

An “extensive and coordinated” phishing campaign was identified in July and August in which the hackers sent emails that impersonated the progressive advocacy group MoveOn. One of those emails asked recipients, “Will you sign the petition to demand that Fox News address and STOP racism and sexism in their election reporting against Kamala Harris.” A link in the emails redirected would-be respondents to a website associated with a malware dubbed “SocGholish,” according to a report from the cybersecurity firm ReliaQuest.

As the November election approaches, hackers have sought to capitalize on voter engagement and have created duplicate websites for campaigns to try furthering their schemes. Aside from discrete misspellings, the fraudulent websites are otherwise identical to legitimate campaign pages, according to ReliaQuest’s researchers, who uncovered more than 500 fake sites intended to lure and deceive voters. Some of those pages solicited victims’ cryptocurrency, researchers found.

While there were no signs that customer accounts were compromised, the findings show the persistent threat from election-themed phishing emails. The notorious Russian cybercrime outfit Evil Corp., whose suspected members are under US sanctions, is linked to the SocGholish malware, according to the cyber firm Red Canary Inc.

“We are aware of attempts to misuse our brand and our platforms for these purposes, and we continue to regularly consult security experts and cooperate with law enforcement to respond and protect our organization, our staff and our members,” a MoveOn spokesperson said in a statement.

Photo: Photographer: Sem van der Wal/AFP/Getty Images