Hackers targeted US election officials with phishing email campaign, according to FBI

Sign up for the daily Inside Washington email for exclusive US coverage and analysis sent to your inbox

Get our free Inside Washington email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Hackers likely targeted US election officials with an invoice-themed phishing email campaign in an attempt to gain access to their systems, according to the FBI.

An advisory issued by the bureau this week warns election administrators and state and local government officials about a malicious email scheme that federal law enforcement believes is part of a “concerted effort to target US election officials.”

Similar threats “will likely continue or increase their targeting of US election officials with phishing campaigns in the lead-up to the 2022 US midterm elections,” according to the FBI.

On 5 October, 2021, “unidentified cyber actors” targeted election officials in at least nine states as well as members of the National Association of Secretaries of State with an email phishing scam using an “INVOICE INQUIRY.PDF” attachment that redirected recipients to a “credential-harvesting” website, according to law enforcement.

At least one of the email addresses used to send the phishing emails was a compromised US government account.

On 18 October, 2021, two email addresses that appeared to be connected to US businesses sent phishing emails to county-level election workers, with false Microsoft Word document attachments

The next day, another email address purportedly from a US business sent a phishing email to another election official with a Word document titled “Current Invoice and Payments for report.”

After Russian hackers targeted information technology systems across the US throughout 2016 elections, federal and state officials have sought to bolster their election infrastructure against potential attacks.

Bryan Vorndran, assistant director of the FBI’s cyber division, told the House Judiciary Committee this week that the agency continues to investigate and share information regarding suspicious cyber activity with election workers, stressing that “cyber hygiene and defense are critical, no matter which actor or method worries us the most.”

“We know our adversaries will continue to target election-related networks and systems again and again using the same unpatched vulnerabilities, by guessing simple passwords, and by spear phishing,” he said on 29 March. “That is why it is critical to maintain close collaboration with election officials, political organizations, candidates, social media and tech companies, and technical defenders.”

It is unclear who is responsible for the attacks that prompted FBI warnings this week.

The FBI’s advisory follows reports of threats and harassment aimed at election workers and administrators leading up to and following 2020 elections.

One in six election workers have experienced threats because of their job, reflecting a similar rate from 2021, despite assurance from the US Department of Justice to “vigorously prosecute” offenders with the creation of an elections task force last summer, according to a survey from the Brennan Center for Justice.

More than half of poll respondents reported harassment on the phone, on social media or on the job.

Nearly three-quarters of respondents were concerned for the safety of their colleagues, while 65 per cent fear in-person abuse, and 63 per cent feared harassment over the phone.

More than three-quarters of respondents said threats against them have increased in recent years.

The Justice Department launched its election task force last year to investigate and prosecute threats against election workers.

It made its first public indictment in January 2022, charging a Texas man accused of using Craigslist to issue a call for “Georgia Patriots” to “put a bullet” in federal, state and local officials.