Spoofed Prez Candidate Sites Have Malware

Internet users fooled into downloading malware from spoofed presidential candidate Websites

Dark Reading Staff, Dark Reading

November 1, 2007

2 Min Read

BOULDER, Colo. -- Webroot Software, Inc., a leading provider of Internet security software for the consumer, enterprise and SMB markets today urged Internet users to use caution when searching online for information on presidential candidates. Webroot has detected links to malicious software downloads from spoofed presidential candidate websites.

“With campaigning in full swing for the 2008 presidential election, we are beginning to see an increase in spoofing right now. Internet users need to think about protection and good habits when surfing online for candidate information or donating,” said Mike Irwin, COO, Webroot Software. “Because cyber criminals are targeting the most heavily trafficked websites, voters seeking candidate information have to use caution when visiting these sites. Do not download applications such as screensavers or videos unless you know they are coming from a trusted source. Voters need to realize that this type of behavior will make them more susceptible to an attack from hackers.”

Most users will encounter these fraudulent websites when conducting a search using popular search engines. They will either unknowingly select a wrong URL from a list returned from a search, or have a slight misspelling of a name that will lead to one of these spoofed sites. These sites are designed to appear as legitimate candidate web pages and lure visitors to click on links, donate or download screensavers or videos. Once clicked, the links can then download a variety of spyware. One popular version is a Trojan horse known as Zlob that can then deploy unauthorized spyware to provide remote access to a computer for spamming attacks, to capture keystrokes, steal passwords or take over a users’ identity.

Webroot recommends that Internet users only download presidential candidate information from trusted, secure websites, such as the official candidate’s website. Additionally, the company suggests users run updated versions of best-of-breed antispyware and antivirus solutions and to scan their entire system at least once a week. There are a few simple things Internet users can do right away to help prevent further spyware infection:

  • Update your operating system and security patches regularly

  • Increase your browser security settings

  • Only download software from sites you trust

  • Use antivirus protection and a software firewall

  • Always include a best-of-breed antispyware

  • Use privacy software to remove passwords and IDs after using them

  • Install only mainstream software and read the End User License Agreement (EULA)

“We initially saw these types of spoofs surrounding the Barack Obama and Ron Paul websites,” added Irwin. “But we are finding that the spoofs intensify at the end of the month and will expect to see them intensifying as the candidate sites begin to see more traffic during the later phases of the campaign or during major fund-raising drives.”

Webroot Software Inc.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights