Fraudulent Emails Attempt to Spread Disinformation and Intimidate Voters

Summary

Recently, threatening emails were sent to registered Democrats claiming to be sent from the Proud Boys organization, described as a far-right, male-only, chauvinistic organization. The email content included language threatening violence if the recipient does not vote for President Trump in the upcoming election; some of the emails also contained a video that falsely implied that individuals could cast fraudulent ballots from overseas. These emails were determined to be fraudulent and only appeared to be sent from Proud Boys with the use of display name and/or email spoofing – changing the display name or email address in the sender line of an email, respectively. Voters in three swing states were among those targeted. The Director of National Intelligence John Ratcliffe accused Iran of distributing the malicious emails. Voter data is largely publicly-available and can be easily used by threat actors, nation-state or otherwise, in efforts to intimidate voters, sow distrust in the US election system, incite unrest, and spread disinformation.

Recommendations

The NJCCIC reminds everyone to maintain awareness of current cyber threats and tactics, including those commonly used in email-based threats. Email spoofing is often employed in these attacks to appear as though the email comes from a known and/or trusted contact. Spoofing can often be identified by closely examining the email address, not just the display name, of the sender as well as viewing email headers.