Suspicious domains targeting Trump and Biden on the rise – interview

At least 11,974 suspicious domains targeting former President Donald Trump or President Joe Biden have been created since the beginning of last year, followed by hundreds of imposters on social media, cybersecurity firm BrandShield shared with Cybernews. And there’s more to come in a coordinated effort by bad actors to exploit interest in the elections.

Between January 2023 and March 2024, at least 9,639 suspicious domains were registered to impersonate Trump. For Biden, such registrations stood at 2,335 – more than four times fewer.

“In general, what we're seeing lately is an increase in fraudulent websites, social media-based scams, and other internet activities around the elections. These websites and social media accounts solicit voters for donations or offer merchandise sales. These pages are not affiliated with the real campaigns, they are scams,” Yoav Keren, CEO of BrandShield, told Cybernews.

He noted that Trump-related domain registrations spiked by 197% after his arrest in July. Another spike was witnessed ahead of Super Tuesday, though smaller. Fraudsters more frequently use Trump's name, trying to scam people with fake merchandise like sneakers.

“We've seen specifically that fraudsters are targeting Trump mostly because he has a longer list of products, different product lines. He's selling merchandise specifically – recently, he had the golden sneakers,” Keren explained. “Fake websites are often designed to dupe voters by soliciting donations or selling merchandise – both of which are not affiliated with the actual campaign.”

BrandShield, in its analysis, only included domains that contained the name of Trump or Biden, as well as variants with some misspellings.

More fake candidates on social media

While scam web pages are frequently designed to defraud people for financial gain, threat actors often choose social media to spread misinformation. And there are many new accounts impersonating Biden or Trump on Tiktok and Instagram.

“We’ve also found a lot of, hundreds of fake social media accounts targeting Donald Trump – 748 to be exact, across TikTok and Instagram. For Biden, slightly fewer – about 612 on TikTok and Instagram,” Keren said.

“This is getting worse”

To put the numbers into perspective, scammers created around 170 scam websites impersonating Amazon Prime Day last summer. With half a year remaining until the election, fraudsters have in advance already prepared an infrastructure dozens of times larger.

“This is starting way ahead. Usually, a campaign would not need thousands of websites. You'll need maybe a few, maybe dozens. Not thousands. It doesn't make any sense,” Keren said.

He calls the fraudulent infrastructure “massive” and assumes it will continue to grow, both in numbers and activity.

“These are the grassroots of the scams. But then they turn to actual scams, actual active websites, actual social media engagements that are performed by the scammers,” Keren explains. “9,600 domains using the word Trump – potentially each one of them can turn into a website that is active and sending emails. I’m not saying all of them will. Don't get it wrong, 2,300 targeting Biden is also a big number.”

Yoav Keren
Yoav Keren

A single fraudulent website can become a big platform for scams, fake news, and misinformation distribution. They can look legitimate, but threat actors will be using them for impersonation, manipulations, collecting donations, or asking to “sign up for something.”

“I think this is getting worse. First, there's a direct financial risk. They’re selling fake merchandise, stealing people’s Social Security numbers and credit card information”, Keren said. “And misleading information is naturally something that endangers democracy in general because it is potentially having a big influence on people's minds and people's thoughts.”

Advancements in artificial intelligence enable bad actors to scale operations, Keren warns.

“It allows scammers to more easily create fake accounts, fake pages, images, even voice in the deep fake videos. It's much easier today. You’re going to see a lot of impersonation activities on these platforms.”

Social media platforms “should do more”

Keren believes both the campaigns and the social media platforms “should do a lot, a lot more to eliminate these fake websites and social media activities.”

“They can do a bit more screening there. If someone calls himself Donald Trump on a social media account and puts on a Donald Trump picture, and it's not the official Donald Trump Facebook page, Instagram page, or TikTok page, you can take it down without asking, without waiting for anyone to report that. Right?” Keren said.

“At least require some kind of identification – is it something related to the actual campaign? Don’t just allow anyone. You can just go online right now and open an account and say you're President Biden, and no one stops you from doing that. And this is definitely an issue."

Keren also wondered that many industries use digital risk protection services that take down scams, fake domains, fake websites, fake social media accounts, and counterfeited merchandise – election campaigns should also do that more actively.

The users themselves should also be attentive, and Keren advised to check the obvious things first.

"When you go on a website, check the URL and domain name. Make sure it doesn't have typos because if it does, it's likely a scam. It may also be a very long URL or a confusing subdomain – do some research. Go online and search for the main campaign website. Ensure that if you want to donate, buy merchandise, or anything of that sort, you're on the official website of the campaign you intend to support."

Users should also be wary when encountering ads related to political campaigns. Scammers buy ads, too.

“Make sure that you can reach that site, donation page, or merchandise page directly from the main campaign website,” Keren said. “On social media, if someone contacts you through text messages and sends you all kinds of links, whether it's on Instagram, Messenger, WhatsApp, or any other platform, again, be very, very careful. Make sure not to click those links, do not provide any personal details.”

More from Cybernews:

Confused robo-taxis block freeway in San Francisco

LabHost platform shut down by law enforcement

TikTok starts testing its Instagram-like app

Elon Musk hints at resurrecting Vine

Russian ops target US elections as battle over false info begins

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked