By Joseph Menn
SAN FRANCISCO (Reuters) – Tens of thousands of emails sent on Thursday that asked recipients to volunteer for the Democratic Party ahead of the November U.S. election actually came from email scammers and carry malicious software, according to researchers at cybersecurity firm Proofpoint.
The emails borrow language from the website of the Democratic National Committee and seek to leverage interest in the U.S. presidential election following the first televised debate Tuesday between Republican President Donald Trump and Democratic contender Joe Biden, said Sherrod DeGrippo, senior director of threat research at Proofpoint.
The Word document attached to the spam contains miniature programs known as macros that, if enabled by the recipient, install a password-stealing program known as Emotet, DeGrippo said.
“We know that attackers will use themes and current events in the hopes of compromising people,” DNC spokesman Chris Meagher said. “The DNC takes cybersecurity seriously and encourages everyone to be vigilant when opening emails and attachments to protect themselves.”
The emails come less than five weeks before the Nov. 3 election.
Some 30,000 emails had been sent with the DNC theme by early evening on the East Coast, the Proofpoint researchers said.
The emails appear with different sender names and subject lines, but all assert in the text that they are sent on behalf of the DNC and ask for volunteers, declaring: “the way we win is by organizing.”
The attachment is sometimes titled “Team Blue Take Action,” according to an email intercepted by Proofpoint.
DeGrippo said she believes the email senders are motivated by money, not politics. “They want to get the most clicks.”
Emotet steals financial passwords and usually installs other malicious programs that can be controlled remotely, among other things enabling ransomware, DeGrippo said.
(Reporting by Joseph Menn; Editing by Greg Mitchell and Leslie Adler)
