Nation-state threat actors are weaponizing U.S. political tensions to launch AI phishing campaigns

July 31, 2024
Bolster research finds new phishing scams, fueled by AI, have doubled compared to 2023.

Highlighting growth of phishing and digital scam campaigns targeting United States citizens, Bolster, a leader in multi-channel phishing protection, today released new research, "Phishing in Focus: A 2024 Mid-year Report on AI, Disinformation, Election and Identity Fraud," identifying 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the U.S. to interfere with the 2024 presidential elections.

"We know the frequency of phishing attacks is increasing, as hackers utilize AI to execute more scams than ever before. In fact, phishing scams are being hosted in the U.S. at a rate of nearly double, compared to 2023. The trend is only accelerating. In May alone, we logged a daily average of more than 45K malicious phishing sites," said Abhilash Garimella, vice president of Research at Bolster. "More troubling, our researchers identified packages of voter data stolen over the past decade, for sale on the dark web and used by threat actors to create fake identification cards, potentially leading to identity theft or voter fraud."

Nation State Threat Groups Actively Target the 2024 Election

Attackers are leveraging AI to automate mass spam campaigns and to reply in real time. This targeting and interactivity at scale increases their chances of gaining access to more sensitive data. The influx of election-themed spam is a significant cyber threat, causing widespread confusion among citizens and undermining trust in legitimate election communications. Attackers aim to capture sensitive financial information, login credentials, or personal data from unsuspecting individuals by exploiting their trust in familiar communication channels and creating a false sense of urgency by sending messages through multiple channels.

China, Russia and Iran are Most Active

Of the 24 threat actor groups targeting the U.S. election, 75% came from either China, Russia or Iran. Data breaches have exposed voter information, giving threat actors access to databases of personally identifiable information (PII), making fraud and identity theft easier to perpetrate. Bolster has also identified databases of voter data with more than 100,000 data points from state-level breaches dating back to 2015 for sale on the dark web.

Multiple threat actors are also capitalizing on this stolen data by providing fully editable PSD templates with complete Know Your Customer (KYC) details for identification cards, potentially leading to identity theft and voter fraud at scale. These templates enable individuals to build counterfeit IDs including personal information obtained through phishing or data breaches.

Unfortunately, not even the U.S. military and government are immune from being targeted through .mil and .gov email addresses. The report found that threat actors are breaching accounts and selling access to them on the dark web. Criminals then exploit the credibility associated with a U.S. government email account, for example by using counterfeit Emergency Data Requests (EDRs), to deceive users into believing requests are legitimate, resulting in disclosure of confidential data.

To learn more, or to download a copy of "Phishing in Focus: A 2024 Mid-year Report on AI, Disinformation, Election and Identity Fraud," please visit http://bolster.ai/2024-mid-year-phishing-report.