Nation-state actors exploit political tension to launch phishing campaigns
A new report from phishing protection specialist Bolster identifies 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the US to interfere with the 2024 presidential elections.
Attackers are leveraging AI to automate mass spam campaigns, and also to reply in real time. This targeting and interactivity at scale increases their chances of gaining access to more sensitive data. The influx of election-themed spam is a significant cyber threat, causing widespread confusion among citizens and undermining trust in legitimate election communications.
"We know the frequency of phishing attacks is increasing, as hackers utilize AI to execute more scams than ever before. In fact, phishing scams are being hosted in the US at a rate of nearly double, compared to 2023. The trend is only accelerating. In May alone, we logged a daily average of more than 45K malicious phishing sites," says Abhilash Garimella, vice president of research at Bolster. "More troubling, our researchers identified packages of voter data stolen over the past decade, for sale on the dark web and used by threat actors to create fake identification cards, potentially leading to identity theft or voter fraud."
Of the threat actors identified, 75 percent come from China, Russia or Iran. Data breaches have exposed voter information, giving threat actors access to databases of personally identifiable information (PII), making fraud and identity theft easier to perpetrate. Bolster has also identified databases of voter data with more than 100,000 data points from state-level breaches dating back to 2015 for sale on the dark web.
Threat actors are also capitalizing on this stolen data by providing fully editable PSD templates with complete Know Your Customer (KYC) details for identification cards, potentially leading to identity theft and voter fraud at scale. These templates enable individuals to build counterfeit IDs including personal information obtained through phishing or data breaches.
US military and government are immune from being targeted through .mil and .gov email addresses available for sale on the dark web.
The full report is available on the Bolster site.