2024 election

How to avoid election related scams

With the US election campaigns at full throttle, scammers have taken a renewed interest in the ways this can be used to defraud people, often using the same tactics legitimate campaigns leverage for support (emails, text messages, phone calls, and social media pleas).

The lure that we have seen the most involves asking people to donate to a campaign. Whether that comes in by mail, text, phone call, or on social media, that money isn’t going to any of the candidates.

Text asking who you are voting for leading to a fake survey
This sender does not care who you want to donate to

If those scam campaigns aren’t directly after your money, they might well be phishing for personal information.

These phishers also use fake surveys pretending to be a volunteer for one of the political parties and will ask you for personal information directly or get on your nerves by engaging in discussions about controversial subjects.

survey site that asks for personal details and credit card information
A survey site that asks for personal details and credit card information

Another method besides surveys are voter registration scams where the scammer poses as an election official and asks you to update your voter registration, or tell you that you can register to vote over the phone. Reminder, here is how you can securely register to vote.

Example voter registration scam
Example voter registration scam courtesy of KrebsOnSecurity

These scams are not only after your personal information but sometimes have the audacity to ask you to pay for completing your voter registration paperwork—something that is never asked in legitimate voter registration.

How to stay safe

Watch out for fake emails

With the increasing use of AI by cybercriminals, it has become more difficult to spot fake emails. Looking for spelling errors is of no use anymore, but a few golden rules still apply to unsolicited emails:

  • Don’t open attachments.
  • Hover over the link(s) in the email. If they are different from the one that is displayed this is a red flag.
  • Don’t let any sense of urgency expressed in the email rush you into a hasty decision.
  • Check the sender’s email address is what you’re expecting. Note: these can be spoofed so this is not a guarantee, but anything that doesn’t look genuine definitely won’t be.

Donate safely

If you decide to sponsor a candidate, do not follow any links provided in text messages, emails, or on social media.

Find the official site for your favorite candidate and follow the instructions there. If you use Google or any other search engine to find the official site, do not click on the links in the sponsored ads. We have found too many cases where these went to false sites.

Ignore text messages

This is an easy one: just ignore them. Honest. Anyone texting me requests out of the blue will find my cold shoulder. Do not even respond, because that will tell them you read the message.

Avoid robocalls

When you receive a call from someone outside your contact list only to hear a recorded message playing back at you, that’s a robocall. Here’s what to do:

  1. Hang up as soon as you realize that it is a robocall.
  2. Don’t follow any instructions or give away personal information. In fact, don’t engage with the call at all.
  3. Report the robocall.
    • If you’ve lost money to a phone scam or have information about the company or scammer who called you, tell the FTC at ReportFraud.ftc.gov.
    • If you didn’t lose money and just want to report a call, use the streamlined reporting form at DoNotCall.gov
    • If you believe you received an illegal call or text, report it to the Federal Communications Commission (FCC).

It’s important to not engage in any conversation or respond to any prompts in order to minimize the risk of fraud. Even the smallest snippets of your voice being recorded can be used in scams against you or your loved ones.

If you have an iPhone, let Malwarebytes intercept your robocalls (by installing our app).

Don’t give away personal information when filling in surveys

Don’t engage in surveys that ask for personal information. And when giving out information remember what they already know about you. How did they contact you? If by email that means they already have your email address and your responses can be combined with the information they already have based on that.

Consider your payment method

There are two major considerations to make when you decide on a payment method for donating to a political campaign.

  • How much of your donation ends up at the right place? Most payment providers charge transaction fees that decrease the amount of the actual contribution, and  the fee amount is not the same for all of them.
  • When making a donation, consider which payment method offers you the best protection. Credit cards are better than debit cards because they offer more protection against things like identity theft and fraud. E-checks are another popular payment option that can be an alternative, but e-checks require your routing number and account number, which could leave you more exposed.

The old-fashioned way of sending a check in the mail is not as popular but covers both transaction fees and security worries. Although for a small amount, the time needed to process them is a new factor.

Always monitor your accounts

Monitoring your account activity is one of the most effective ways to protect yourself from fraud. Especially when you’re in doubt about a recent transaction like a donation that doesn’t sit right in retrospect. The sooner you notice unauthorized activity, the sooner you can intervene and prevent further damage.

Some things you can do are:

  • Daily checks on your account activity through online banking.
  • Many banks offer the opportunity to send you notifications of larger or unusual transactions. Turn those on, preferably by email or text so you’ll see them as soon as possible.
  • When you see something suspicious, notify your financial institution immediately so they can assist you in keeping your money safe.

ABOUT THE AUTHOR

Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.