"Malicious Emails Surged for Election Workers in 2 Battleground States Ahead of Primaries"
According to research shared by the cybersecurity firm Trellix, county election workers in Arizona and Pennsylvania experienced a spike in malicious emails ahead of the states' primaries earlier this year. Trellix security researchers stated in a blog post outlining their findings that they focused their investigation on county election workers because they are the least sophisticated actors in terms of cybersecurity postures, but the most critical in actual electoral engagement with voters. The number of phishing scams detected in the Arizona state targeting county election workers more than tripled from 617 in the first quarter of 2022 to 2,246 by the end of the third quarter. Prior to Pennsylvania's May 17 primaries, the firm's security researchers observed a similar increase in the number of malicious emails targeting county election workers in Pennsylvania. As the primary approached, the number of detected malicious emails increased significantly, rising from 1,168 in the fourth quarter of 2021 to 7,555 by the end of the second quarter of 2022. Trellix discovered two malicious email campaigns aimed at county election workers, including a well-known password theft phishing scheme and a newer phishing scheme attempting to exploit the absentee ballot administration process. In the password phishing campaign, officials received emails claiming that their email passwords were about to expire in an attempt to lure them to a fake administrative webpage where they were prompted to enter their current username and password login credentials. The second phishing scheme discovered by Trellix during its research involved bad actors using a compromised or forged email thread between a county election worker and a government contractor who distributed and collected absentee ballot applications. The most recent email in the thread attempted to persuade the county election worker to download monthly receipts from a Microsoft OneDrive link, which security researchers discovered was tainted with malware capable of infecting the election worker's system and possibly gaining access to other systems across their organization's networks. This article continues to discuss the increase in phishing schemes ahead of primary elections in Arizona and Pennsylvania.