The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an announcement to help the public recognize and avoid spoofed election-related internet domains and email accounts during the 2020 election year.
“Spoofed domains and email accounts are leveraged by foreign actors and cybercriminals and can be easily mistaken for legitimate websites or emails,” they warn. “Adversaries can use spoofed domains and email accounts to disseminate false information; gather valid usernames, passwords, and email addresses; collect personally identifiable information; and spread malware, leading to further compromises and potential financial losses.
“The FBI and CISA urge all members of the American public to critically evaluate the websites they visit and the emails sent to their personal and business email accounts, to seek out reliable and verified information on election information.”
Their recommendations include:
Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be close imitations of legitimate election websites.
Seek out information from trustworthy sources, verifying who produced the content and considering their intent. The Election Assistance Commission provides a vast amount of verified information and resources.
Ensure operating systems and applications are updated to the most current versions.
Update anti-malware and anti-virus software and conduct regular network scans.
Do not open e-mails or attachments from unknown individuals. Do not communicate with unsolicited e-mail senders.