Published on 22 Aug 2023 | Updated on 22 Aug 2023
With the widespread adoption of digital usage, many activities that were traditionally conducted in person have shifted to the digital space or transformed into a hybrid format. Election campaigning is one such example, with election candidates conducting campaign activities online to expand their reach to the electorate. Some examples include the use of social media to hold online rallies or leveraging Zoom to host Q&A sessions.
However, this shift to the digital space provides cyber threat actors with more opportunities to conduct cyber-attacks against unsuspecting victims. This advisory provides voters with information on potential cyber threats and the measures that can be taken to mitigate or reduce the risk of falling victim.
During an election, threat actors may take advantage of election fervour and incorporate election-based themes in their attacks to increase their chances of success. Some of these potential cyber threats include:
Threat actors may compromise the social media accounts of election candidates and political parties or create fake social media accounts to launch phishing attacks. Threat actors could also create websites that mimic the content of official campaign websites to carry out social engineering attacks. During such attacks, unsuspecting victims may inadvertently provide sensitive information or perform financial transactions at the behest of the threat actor impersonating the election candidate or political party as a gesture of support.
Threat actors may attempt to trick voters or members of public into downloading malware masquerading as legitimate software widely used during the election campaign. Such software may include video conferencing applications (apps) that election candidates and political parties use to conduct their campaign activities online. When downloaded and installed onto the victim’s device, the malware could potentially lead to unauthorised access, data breaches or other malicious activities.
To better defend against such cyber threats, voters and members of public should adopt the following cyber hygiene measures:
Be vigilant when receiving emails and messages, particularly those asking for sensitive information or requests for financial payments. This stance should not change even if the purported sender of the email or message is from an election candidate or political party. To check if the email or message is authentic, voters and members of public should:
It is crucial for voters and other members of the public to exercise discernment when encountering information requests on social media platforms, messaging platforms and websites during the election period. By being vigilant and critically assessing the information received, you can safeguard yourself from potential monetary losses and protect your devices from malware infection.