FBI: Election officials in at least nine states received invoice-themed phishing emails in 2021

The FBI is warning state and local government officials across the country to be wary of phishing emails designed to steal credentials ahead of the midterm elections in the coming months. 

In a private industry notice on Tuesday, the FBI’s Cyber Division said US election officials in at least nine states received invoice-themed phishing emails containing links to websites intended to steal login credentials as of October 2021.

“If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems,” the FBI explained. 

“These emails shared similar attachment files, used compromised email addresses, and were sent close in time, suggesting a concerted effort to target US election officials.”

There is likely to be an increase in these kinds of phishing attacks targeted at US election officials as we get closer to November, according to the FBI, which said the assessment is based on reports of phishing attacks that “had the characteristics of a coordinated, ongoing effort to target US election officials.”

Election infrastructure will be proactively monitored by both the FBI and state, local, territorial, and tribal partners as they try to figure out potential targets and identify the threat actors, the notice said. The FBI did not name any groups or countries that it suspects may be linked to the attacks.

Three examples highlighted

The FBI also shared three detailed examples of situations from October 2021 where election officials faced these kinds of threats. 

On October 5, threat actors targeted election officials in at least nine states as well as representatives of the National Association of Secretaries of State with emails that had the same attachment – titled “INVOICE INQUIRY.PDF” – that took victims to a credential harvesting website.

The FBI noted that one of the accounts that sent the phishing email was a compromised US government official’s email account.  

Two weeks later, on October 18, two email addresses sent phishing emails to election officials in an unnamed county that had malicious Microsoft Word documents attached. The documents also took victims to credential harvesting websites. 

The next day, spoofed emails from a US-based business targeted at an election official contained a malicious Microsoft Word document titled, “Current Invoice and Payments for report.”

The FBI report comes one day after US President Joe Biden released his $5.8 trillion budget request for the coming fiscal year. 

Biden proposed $250 million in election innovation grants for local governments as well as a 10-year, $10 billion grant program within the Election Assistance Commission for investments into voting machine improvements and election security.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.