The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations.
The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections.
“These suspicious typosquatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.”
Typosquatting is widespread across the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found a number of instances of typosquatting that spoofed 2016 presidential campaign websites.
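The spelling check the advisory recommends can be automated on the defender's side. The sketch below is an added example, not part of the DHS bulletin or the original article; the domain names, the allowlist and the distance threshold are constructed assumptions.

```python
# Added example: flag domains that closely imitate a known-good election domain.
# Every domain below is a constructed placeholder, not taken from the bulletin.

LEGIT = ["vote.example.gov", "elections.example.gov"]  # hypothetical allowlist


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, the classic typo ("vtoe" for "vote").
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]


def normalize(domain: str) -> str:
    """Lower-case and drop surrounding whitespace and a trailing root dot."""
    return domain.strip().lower().rstrip(".")


def classify(domain, legit=LEGIT, max_distance=2):
    """Return (verdict, legitimate domain it matches or resembles, else None)."""
    d = normalize(domain)
    if d in legit:
        return ("legitimate", d)
    for good in legit:
        # Same name under another TLD, e.g. a .gov name re-registered as .com.
        if d.rsplit(".", 1)[0] == good.rsplit(".", 1)[0]:
            return ("lookalike", good)
        # Small spelling difference from a legitimate name.
        if osa_distance(d, good) <= max_distance:
            return ("lookalike", good)
    return ("unrelated", None)


if __name__ == "__main__":
    for name in ["vote.example.gov", "vtoe.example.gov", "vote.example.com",
                 "elections-example.gov", "weather.example.org"]:
        print(name, classify(name))
```

A check like this only narrows the list for human review: a short, unrelated domain can fall within the threshold by chance, and look-alikes built from visually similar Unicode characters need separate handling.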
The FBI identified the websites between March and June, according to the bulletin, which cited “recent FBI reporting from a collaborative source whose reporting has not been corroborated.” There have not been any known malicious incidents associated with the suspicious domains, a person familiar with the bulletin said. Some of the websites may simply be bogus instead of malicious, the person said.
Yahoo News was first to report on the DHS bulletin.
The DHS advisory is part of a regular stream of threat intelligence that federal officials send to state and local election officials. In March, after a local Missouri election official clicked on a malicious email, word of the incident quickly reached state officials and DHS warned officials about the email. The incident didn’t escalate and no voter data was compromised.
The incident was a reminder that federal and state work on election security has grown much more collaborative since Russia’s interference in the 2016 election, after which it took federal officials many months to formally notify states that their IT systems had been probed.