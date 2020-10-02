WASHINGTON D.C. (ABC4 News) – An announcement issued by the FBI and CISA (Cybersecurity and Infrastructure Agency) aims to help people learn about and recognize “spoofed election-related internet domains and email accounts targeting the 2020 election year.

The agencies say that these false accounts are leveraged by foreign actors and cybercriminals. The trick is they can easily be mistaken for legitimate websites or emails.

The spoofed domains and email accounts are used to send false information, gather usernames, passwords, and email addresses. They can also collect personally identifiable information, and spread malware. The malware can cause other problems and could lead to financial losses.

How you can tell if you see a spoofed domain

Cybercriminals set up false domains with slightly altered or changed characteristics of the real website.

According to the FBI and CISA’s release:

“Cyber actors set up spoofed domains with slightly altered characteristics of legitimate domains. A spoofed domain may feature an alternate spelling of a word (“electon” instead of “election”), or use an alternative top-level domain, such as a “[.]com” version of a legitimate “[.] gov” website. Members of the public could unknowingly visit spoofed domains while seeking information regarding the 2020 election. Additionally, cyber actors may use a seemingly legitimate email account to entice the public into clicking on malicious files or links.”

Credit: FBI

The agencies urge everyone to be careful and critically evaluate the websites you visit. Be on the alert to the emails sent to your personal and business email accounts.

Seek out verified information on election information.

Here are the FBI and CISA’s recommendations to avoid false websites:

Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be close imitations of legitimate election websites.

Seek out information from trustworthy sources, verifying who produced the content and considering their intent. The Election Assistance Commission (https://www.eac.gov) provides a vast amount of verified information and resources.

Ensure operating systems and applications are updated to the most current versions.

Update anti-malware and anti-virus software and conduct regular network scans.

Do not enable macros on documents downloaded from an email unless absolutely necessary, and only then, after ensuring the file is not malicious.

Disable or remove unneeded software applications.

Use strong two-factor authentication if possible, via biometrics, hardware tokens, or authentication apps.

Do not open e-mails or attachments from unknown individuals. Do not communicate with unsolicited e-mail senders.

Never provide personal information of any sort via e-mail. Be aware that many e-mails requesting your personal information appear to be legitimate.

What you should do if you find a spoofed website, domain, or email

According to the release sent out via twitter by the FBI:

“The FBI is responsible for investigating and prosecuting election crimes, malign foreign influence operations, and malicious cyber activity targeting election infrastructure and other U.S. democratic institutions. CISA helps critical infrastructure owners and operators, including those in the election community, remain resilient against physical and cyber threats. The FBI and CISA provide services and information to uphold the security, integrity, and resiliency of U.S. electoral processes.”

“The FBI encourages the public to report information concerning suspicious or criminal activity to their local field office (www.fbi.gov/contact-us/field-offices) or to the FBI’s Internet Crime Complaint Center (www.ic3.gov). For additional assistance, best practices, and common terms, please visit the following websites:”