The growing use of the internet as a communication and fund-raising medium by presidential candidates has a nasty new doppelganger - an elaborate, if short-term, revenue stream flowing to online crooks.
Perpetrators are busy setting up spoofed presidential candidate sites designed to lure unwary voters into parting with their money, their personal data or both, according to security vendor Webroot Software.
The sites are designed to look like legitimate candidate web pages, with solicitations for visitors to click on links, make donations or download screen savers and videos. Those who click on the poisoned links can get infected with a variety of spyware programs and other malware programs, company executives said today.
One such malicious program is a Trojan horse called Zlob; a relatively venerable piece of code, Symantec identified the same Trojan years ago as Trojan.Zhopa. It's designed to deploy various malware tools capable of giving attackers remote access to a compromised system, or of stealing keystrokes and passwords.
Many of the spoofed websites use URLs that take advantage of typographical and spelling errors that a user might make when entering a candidate's website address according to Peter Watkins, CEO of Webroot. Barack Obama and Hillary Clinton appear to be particularly popular choices among those seeking to set up such spoofed sites, he said, probably because people have a harder time spelling their names.
Initially most of the spoofs involved Obama and Ron Paul websites, according to Webroot. But lately, there has been an increase in the spoofing of other candidate Web sites as well.
"What we are seeing is a real explosion in these kinds of sites this year," Watkins said, noting that the 2008 election run-up is the first in which presidential hopefuls have embraced the web in such a major way.
A substantial portion of the hundreds of millions of dollars that candidates are expected to raise this year is likely to be gathered via the internet and criminals want to be in on that action. "Crooks and criminals always follow the money," Watkins said.
It is surprising, he noted, that most of the campaigns appear not to have made the effort to register domain names involving common misspellings and transpositions of their names. Taking that measure would have reduce the potential for crooks to register domains that users could accidentally end up on because they mis-typed a word or misspelled a candidate's name.