We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,818 News Articles

Crooks set up spoof presidential campaign sites

Webroot warns of new 'fund-raising' scam

The growing use of the internet as a communication and fund-raising medium by presidential candidates has a nasty new doppelganger - an elaborate, if short-term, revenue stream flowing to online crooks.

Perpetrators are busy setting up spoofed presidential candidate sites designed to lure unwary voters into parting with their money, their personal data or both, according to security vendor Webroot Software.

The sites are designed to look like legitimate candidate web pages, with solicitations for visitors to click on links, make donations or download screen savers and videos. Those who click on the poisoned links can get infected with a variety of spyware programs and other malware programs, company executives said today.

One such malicious program is a Trojan horse called Zlob; a relatively venerable piece of code, Symantec identified the same Trojan years ago as Trojan.Zhopa. It's designed to deploy various malware tools capable of giving attackers remote access to a compromised system, or of stealing keystrokes and passwords.

Many of the spoofed websites use URLs that take advantage of typographical and spelling errors that a user might make when entering a candidate's website address according to Peter Watkins, CEO of Webroot. Barack Obama and Hillary Clinton appear to be particularly popular choices among those seeking to set up such spoofed sites, he said, probably because people have a harder time spelling their names.

Initially most of the spoofs involved Obama and Ron Paul websites, according to Webroot. But lately, there has been an increase in the spoofing of other candidate Web sites as well.

"What we are seeing is a real explosion in these kinds of sites this year," Watkins said, noting that the 2008 election run-up is the first in which presidential hopefuls have embraced the web in such a major way.

A substantial portion of the hundreds of millions of dollars that candidates are expected to raise this year is likely to be gathered via the internet and criminals want to be in on that action. "Crooks and criminals always follow the money," Watkins said.

It is surprising, he noted, that most of the campaigns appear not to have made the effort to register domain names involving common misspellings and transpositions of their names. Taking that measure would have reduce the potential for crooks to register domains that users could accidentally end up on because they mis-typed a word or misspelled a candidate's name.


IDG UK Sites

45 Best Android games: top Android games for your smartphone or tablet in 2014 (24 are free!)

IDG UK Sites

How Apple, Adobe, Microsoft and others have let us down over UltraHD and hiDPI screens

IDG UK Sites

Do you have the X-Factor too? Mix Off app puts fans in the frame

IDG UK Sites

iPad Pro release date, rumours and leaked images - 12.9 screen 'coming in 2015'