Scammers Spoof MAGA Hat Vendors to Steal $2.3m from Republicans

Written by

The Wisconsin Republican Party (WisGOP) has been left red-faced after a suspected Business Email Compromise (BEC) attack stole millions of dollars intended to support Donald Trump’s re-election bid.

The party issued a statement on Thursday revealing that it discovered a phishing attack a week previously, on October 22, and promptly notified the FBI.

According to the statement, attackers had forged invoices and sent them to the party under the names of legitimate WisGOP vendors.

This sounds like a classic BEC attack, in which cyber-criminals hijack a target’s inbox via phishing to monitor emails sent back and forth with vendors. They’re then able to spoof those vendors, sending invoices to the targeted organization with their own bank details at the bottom.

“Cyber-criminals, using a sophisticated phishing attack, stole funds intended for the re-election of President Trump, altered invoices and committed wire fraud. These criminals exhibited a level of familiarity with state party operations at the end of the campaign to commit this crime,” said state party chairman, Andrew Hitt.

“While a large sum of money was stolen, our operation is running at full capacity with all the resources deployed to ensure President Donald Trump carries Wisconsin on November 3.”

The attack has extra significance given that Wisconsin is a key swing state which Trump won by only around 20,000 votes last time, so every last penny will be needed as both parties step up their campaigning.

According to reports, the vendors in question sold the party pro-Trump hats and other items to be handed out at rallies, as well as direct mail services.

DomainTools senior security advisor, Chad Anderson, explained that BEC is on the rise.

“Cyber-criminals appear to be discovering the reality that as opposed to engaging with ‘wide-net’ phishing campaigns, they can save time and energy in researching one individual within a business and sending them a targeted email,” he continued.

“Sites such as LinkedIn make this incredibly easy to achieve, allowing a threat actor to research members of staff in an organization with a few clicks. In order to avoid the exponential growth of these scams continuing, businesses need to engage in robust training and awareness campaigns with staff, as well as investing in an email filtering system which is regularly audited and updated.”

BEC was responsible for over half of all cybercrime losses reported to the FBI last year, standing at nearly $1.8bn.

What’s hot on Infosecurity Magazine?