Dark web activity targets US election
A new report from Fortinet shows a range of activity around the upcoming US election including phishing scams aimed at voters and malicious domain registrations impersonating candidates.
Threat actors are selling affordable phishing kits on the dark net designed to target voters and donors by impersonating the presidential candidates and their campaigns.
The FortiGuard Labs research team has observed threat actors selling distinct phishing kits for $1,260 each, created to impersonate US presidential candidates. These kits are designed to harvest personal information, including names, addresses, and credit card (donation) details.
More than 1,000 new potentially malicious domains have also been registered since the beginning of 2024 that follow particular patterns and incorporate election-related content and candidates, suggesting that threat actors are leveraging the heightened interest surrounding the election to lure unsuspecting targets and potentially conduct malicious activities. There's a reliance on major hosting platforms such as Amazon Web Services (AWS) and Cloudflare for these sites which suggests that threat actors are leveraging these reputable services to enhance the legitimacy and resilience of their malicious domains.
In addition billions of records from the US are for sale on dark net forums, including Social Security Numbers (SSNs), personally identifiable information, and credentials that could be used in misinformation campaigns and lead to fraudulent activity, phishing scams, and account takeover.
FortiGuard Labs researchers have also noted a 28 percent increase in ransomware attacks against the US government year-on-year based on observed leak sites.
Derek Manky, chief security strategist and VP of global threat intelligence at Fortinet says, "As the 2024 U.S. presidential election approaches, it's critical to recognize and understand the cyber threats that may impact the integrity and trustworthiness of the election process and the welfare of the participating citizens. Cyber adversaries, including state-sponsored actors and hacktivist groups, are increasingly active leading up to major events like elections. Remaining vigilant and identifying and analyzing potential cyber threats and vulnerabilities is crucial for preparing and safeguarding against the lures and targeted cyberattacks that could take advantage of a heightened moment in time and even disrupt or influence electoral outcomes."
The full report is available on the Fortinet site.
Image credit: melis82/depositphotos.com