Phishing on the Campaign Trail

Charityor Chicanery?

Thishasbeenayearfilledwith

naturaldisasters–tornadoes,

earthquakes,droughts,wildfires,

andfloods.Thedevastationto

livesandpropertyhasbeen

overwhelmingandmakesuswant

tohelpthevictims,frequently

throughdonationsofmoney.

Butbecareful:theFederalInternet

CrimeComplaintCenter(IC3)has

issuedanalertwarningyouthatbad

timesfrequentlybringoutbadpeople.

Whenyoumakeadonationtoacharity,

besuretoprotectyourselfbyfollowing

thesestraightforwardguidelines:

•Neverrespondtounsolicitedemail.

Deleteit.

•Beskepticalofpeoplerepresenting

themselvesasofficialsusingemail

tosolicitfordonations.

•Neverclickonalinkinan

unsolicitedemail.

•Becautiousofemailclaiming

tocontainpicturesinattachments.

Theattachmentsmight

containviruses.

•Donatedirectlytoknowncharities.

Ifyouarenotfamiliarwitha

particularcharity,theInternet

canprovideawealthofinformation.

Byusingthiseasystrategy,you

canensurethatyourhard-earned

dollarsaregoingexactlywhere

youwantthemtogo.

Fall2008

WhenU.S.legislatorsratifiedtheAnti-Spam

Actof2003,therewasanotableexclusion–

politicalcandidatesarestillallowedto

solicitcontributionsviaemail.Thisisa

mixedblessing.Itallowspolitical

candidatestoquicklyreachmillionsof

potentialcontributors,butitalsoprovides

agoldenopportunityforphishers.

Duringthe2000presidentialelection,phishing

wasstillinitsinfancyanditsimpactwas

minimal.Thenin2004,phisherstargetedthe

Kerry-Edwardscampaignbecausetheywere

activelyusingtheInternettocommunicate.

Oneoftheknownattackswasanemail

directingpeopletoaphonywebsitesoliciting

donations.Manypeoplewillinglyprovided

creditcardandotherpersonalinformation

thinkingthattheyweresupportingtheir

chosencandidate.

Inanotherscam,anemailrequestedthat

therecipientcallaspecific900numberto

discusstheissues.Thosewhocalledthe

numberwerebilledat$1.99perminute.

Neitherperpetratorwascaught.

Nowphishingattackshavegainedmomentum

andthe2008presidentialcampaignisa

well-stockedphishingpond!Herearesome

commonsensesuggestionstomakesure

yourmoneygoeswhereyouwantitto.

1. Ifyoureceiveanemailsolicitingadonation,doalittleresearchbeforeresponding.Bothcandidatesandphishersarecountingonyourimpulsiveness.

2.Donotclickonanylinkintheemailorviewanyattachments.Thesafestactionistocontactlocalcampaignheadquartersbytelephoneorinperson.Theycangiveyoutheofficialcampaignwebsiteaddress.

3.Beawarethatthereare“soundslike”webURLsthatcanbeusedforphishingexpeditions,somakesureyourepeatthewebsiteaddressbacktoverifyit.

4.Keepinmindthatyoushouldcontactthem.Donotrespondtoanunsolicitedtelephonerequestforacampaigncontribution.Unsolicitedcallscanbevishingattacks!

Theelectionpromisestobeanexcitingone

andweencourageyourparticipation–just

doitinawaythatprotectsyourpersonal

financesandinformation!

PhishingontheCampaignTrail

Protectingyourselfagainstphishingattacksisreallyquitesimple.

1. Make a call to verify information.Makesureyouusethephonenumberinyour

rolodex,notoneprovidedinasuspiciousemail.

2. Type it yourself. Don’tjustclickonalinkorcutandpasteitontoyourbrowser.

TypeyourtrustedURLyourselfandyou’llgettotherealdestination.

3. Beef up your security. There’snogoodreasonnottohaveanti-virus,anti-spam,and

spywaredetectiononyourcomputer.Thereareinexpensivesoftwarebundlesavailable

andevenfreeprogramsyoucandownloadfromtheInternet.

4. Read your bank and credit card statements. Takeaquickscanofyourstatements

assoonastheyarrive.Ifyouseesomethingsuspicious,it’smuchbettertocheckitout

soonerratherthanlater.

5. Recognize the Sharks. VisittheMaineAnti-PhishingCoalitionwebsiteatwww.noPhishing.org

forthelatestinformationonphishingattacksandlinkstohelpfulresources.

FiveEasyPieces(ofadvice)

TheOfficialNewsletterofnoPhishing.org

MEAPC.3120-13.noPhishingNewsletterIII v3.indd 1 8/15/08 3:13:37 PM

W H AT TO D O I F yO U S U S P EC T yO U ’ V E

• Immediately notify your bank.

Bepreparedtoprovidethebank

withasmuchinformationaspossible.

Theymayrequestthatyouforwardthem

thephishingemail.

• Place a fraud alert on your credit report

bycontactinganyofthethreeconsumer

creditbureausbelow.

– Equifax:1-800-525-6285;

www.equifax.com;P.O.Box740241,

Atlanta,GA30374-0241

– Experian:1-888-EXPERIAN

(397-3742);www.experian.com;

P.O.Box9532,Allen,TX75013

– TransUnion:1-800-680-7289;

www.transunion.com;FraudVictim

AssistanceDivision,P.O.Box6790,

Fullerton,CA92834-6790

Contactingoneofthesecompanies

automaticallyalertstheothertwo,who

willalsoplaceanalertintheirrecords.

Whenyoucall,aninitial90-dayfraudalert

willbeplacedonyourcreditreportanda

freecopyofyourreportwillbesenttoyou.

Thefraudalertpreventsanynewaccounts

frombeingopenedinyournamewithout

permission.Aftertheinitialfraudalerthas

expired,ifyou’vefiledapolicereportyou

canrequestanextended7-yearfraudalert.

Toobtainanextendedfraudalert,youmust

providethecreditbureauswithacopyof

yourinitialpolicereportandanyother

fraudreportstheymayrequire.

AsofFebruary,2006,Mainebecameone

ofseveralstatestoallowconsumersto

“freeze”theircreditreports.Withcertain

specificexceptions,asecurityfreeze

prohibitsacreditbureaufromreleasing

yourcreditreportoranyinformation

fromitwithoutyourexpressauthorization.

Thefreezegoesintoeffectfivebusiness

daysafterthecreditbureauhasreceived

yourletter.Aftertenbusinessdaysfrom

receivingyourlettertoplaceafreezeon

youraccount,thecreditbureauwillsend

youaconfirmationlettercontaininga

uniquePIN(personalidentificationnumber)

orpassword.KeepthisPINorpasswordin

asafeplace.Ifyourcreditfilesarefrozen,

evensomeonewhohasyournameand

SocialSecurityNumberprobablywould

notbeabletoobtaincreditinyourname.

Asecurityfreezeisfreetoidentity

theftvictimswhohaveapolicereport,

investigativereport,oracomplainttoa

lawenforcementagencyconcerning

identitytheft.

Toplaceafreeze,youmustwritetoeach

ofthethreecreditbureaus.Creditbureaus

chargea$10fee,unlessyouareavictim

whosendsacopyofyourpolicereport,

investigativereport,oracomplainttoa

lawenforcementagencyconcerning

identitytheft.

Here’swhatelseyoushoulddo:

• File a reportwithlocallawenforcement.

• Review credit card or bank statements

tomakecertainallactivitywaslegitimate.

• Formoreinformationonidentitytheft,

visittheFTCIdentityTheftwebsite.

http://www.ftc.gov/bcp/edu/microsites/

idtheft

Protect yourself!

Thiscomprehensivewebsitehasa

wealthofusefulinformationtargeted

atprotectingyouandyourpersonal

informationfromphishingattacksand

identitytheft.Itincludescommonsense

suggestionsonhowtobestprotect

yourconfidentialinformation,

up-to-datereportsofscams,whatto

doifyouthinkyourinformationhas

beencompromised,andlinkstoseveral

otherhelpfulwebsites.There’sevena

fungamecalled“PhishingScams—

AvoidtheBait”whichtestsyourability

torecognizeaphishingattempt.

SponsoredbytheMaineAnti-Phishing

Coalition(MEAPC),thewebsitestrives

toprovidetimelyandusefultopics

foryourfinancialandcybersecurity.

Memberbanksworktogetherto

maintainthesiteandtocreateposters,

newsletters,andseminarsdedicatedto

increasingyourawarenessoftechniques

usedinphishingandotherscams.

Pleaseinvestafewmomentsofyour

timeexploringwww.noPhishing.org.

Itwillbetimewellspent.

B E E N P H I S H E D

ParticipatingBanksintheMaineAnti-PhishingCoalition

MEAPC.3120-13.noPhishingNewsletterIII v3.indd 2 8/15/08 3:13:43 PM

Phishing on the Campaign Trail

Documents

Lessons From the Marketing Campaign Trail: Using Social Media to Engage Multicultural Communities

The Campaign Trail

Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks

On the UK campaign trail

Lessons From The Political Campaign Trail For Corporate Marketers Presentation

Phishing and Anti-phishing techniques

On the campaign trail with congress candidate, priya dutt (pt 4)

The Quarterly Newsletter of Information Technology · In addition to this training, ITD has been running a Phishing campaign of its own through an external company. These test phishing

OILRIG CAMPAIGN ANALYSIS - LogRhythm · PDF fileOILRIG CAMPAIGN ANALYSIS Major Findings ... When translated from Turkish to English this likely means “military coup.” The phishing

Gone Phishing, an Anti-Phishing Program Journey€¦ · Gone Phishing, an Anti-Phishing Program Journey Ava Logan-Woods, Information Security Specialist Eshante Lovett, Information

On the Campaign Trail - ANU Presspress-files.anu.edu.au/downloads/press/p229551/pdf/ch112.pdf · On the Campaign Trail I am sufficiently behind the scenes to know the worth of political

“Super Tuesday” Webinar: Lessons from the Campaign Trail...1 “Super Tuesday” Webinar: Lessons from the Campaign Trail Prepared by: KRC Research | March, 2016 Send questions

Abbey-Chesterton Bridge on the Chisholm Trail · Briefing Note 2015/01 Cambridge Cycling Campaign 1 Abbey-Chesterton Bridge on the Chisholm Trail Introduction Cambridge Cycling Campaign

PHISHING By, Himanshu Mishra Parrag Mehta. OUTLINE What is Phishing ? Phishing Techniques Message Delivery Effects of Phishing Anti-Phishing Techniques

Hostile Media and the Campaign Trail: Perceived Media Bias ...terpconnect.umd.edu/~nan/738readings/Huge Glynn...Hostile Media and the Campaign Trail M. Huge & C. J. Glynn candidate

Detecting a Phishing Attack with Phishing Intelligence ... · Detecting a Phishing Attack with Phishing Intelligence Engine (PIE) 1 Phishing Statistics: What Every Business Needs

AWARENESS OF PHISHING SCENARIO - CYBERWISER.eu · 2020. 11. 19. · Phishing attack exercise •Identify phishing indicators in an email. •Distinguish phishing from legitimate emails

Fear and Loathing on the Campaign Trail: The Role of ...Fear and Loathing on the Campaign Trail: The Role of Terrorist Threat in Russian Election Campaigns ... what role do fear and

On the Campaign Trail with Congress Candidate, Priya Dutt (Pt. 1)

Phishing Campaign Targets Login Credentials of Multiple U.S., … · phishing page hosted on the malicious domain “40-71[.]xyz”. This document was submitted to VirusTotal in Mexico