The Threat of Political Phishing

The International Symposium on Human Aspects of Information Security & Assurance, 2008

18 Pages Posted: 23 Aug 2009 Last revised: 13 Jul 2014

Oliver Friedrichs

affiliation not provided to SSRN

Markus Jakobsson

affiliation not provided to SSRN

Christopher Soghoian

Yale University - Yale Information Society Project

Date Written: July 1, 2008

Abstract

Internet based donations to political candidates are now a vital part of any successful campaign. Tens of millions of dollars are raised online each year, primarily in sub one hundred dollar amounts from individuals around the country. Politicians have exempted their own campaign donation solicitation emails from federal anti-spam legislation, and their campaigns encourage risky behavior by teaching users that it is OK to click the 'donate' button on an unsolicited email that arrives from a candidate. While not yet a major problem, fraudulent websites that masquerade as genuine campaign sites aiming to defraud donors are a significant threat on the not-so-distant horizon. These political phishing sites are easy to create, and extremely difficult for users to detect as not authentic. In this paper, we discuss threats against online campaign donation systems, and the unique factors which make this type of online commerce particularly vulnerable to fraud based attacks. We explore the threat that phishing attacks utilizing typo squatting and cousin domain names could pose to the 2008 presidential election. Finally, we propose a realistic and cost-effective solution to the problem.

Suggested Citation

Friedrichs, Oliver and Jakobsson, Markus and Soghoian, Christopher, The Threat of Political Phishing (July 1, 2008). The International Symposium on Human Aspects of Information Security & Assurance, 2008. Available at SSRN: https://ssrn.com/abstract=1459790 or http://dx.doi.org/10.2139/ssrn.1459790

Oliver Friedrichs

affiliation not provided to SSRN

Markus Jakobsson

affiliation not provided to SSRN

Christopher Soghoian (Contact Author)

Yale University - Yale Information Society Project ( email )

127 Wall Street
New Haven, CT 06511
United States

Paper statistics

Downloads
214
Rank
116,918
Abstract Views
2,184