Oct 20 / Admin

New Scam Alert: 2022 Election Phishing Attacks Target Election Workers

Trelix reported:

It uses a fraudulent password expiration alert to lure election workers to a bogus administrative webpage where they are prompted to enter their current username and password login credentials.

The attacker’s phishing email informs the user that her password is about to expire, at which time she will lose the network access she needs to complete the tasks her job requires.

The election worker fears her organization’s IT administrator is urgently beckoning her to change her password before she is locked out and cannot do her job. If she clicks on the email links, she is taken to a landing page where she is told she can keep or change her password if she submits her current username and password and a new password (if she chooses).

At this point, the attacker has possession of the user’s login credentials and can use them to access whatever organizational assets she can access across the election administrator’s networks.

Find out more with the original article here.

Enroll in Training Sessions:  Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
* indicates required