Webroot Threat Advisory: Use Caution When Searching and Donating Online for 2008 Presidential Candidates

Internet Users Fooled into Downloading Malware from Spoofed Presidential Candidate Websites

Boulder, CO – November 1, 2007

Webroot Software, Inc., a leading provider of Internet security software for the consumer, enterprise and SMB markets, today urged Internet users to use caution when searching online for information on presidential candidates. Webroot has detected links to malicious software downloads from spoofed presidential candidate websites.

"With campaigning in full swing for the 2008 presidential election, we are beginning to see an increase in spoofing right now. Internet users need to think about protection and good habits when surfing online for candidate information or donating," said Mike Irwin, COO, Webroot Software. "Because cyber criminals are targeting the most heavily trafficked websites, voters seeking candidate information have to use caution when visiting these sites. Do not download applications such as screensavers or videos unless you know they are coming from a trusted source. Voters need to realize that this type of behavior will make them more susceptible to an attack from hackers."

Most users will encounter these fraudulent websites when conducting a search using popular search engines. They will either unknowingly select a wrong URL from a list returned from a search, or have a slight misspelling of a name that will lead to one of these spoofed sites. These sites are designed to appear as legitimate candidate web pages and lure visitors to click on links, donate or download screensavers or videos. Once clicked, the links can then download a variety of spyware. One popular version is a Trojan horse known as Zlob that can then deploy unauthorized spyware to provide remote access to a computer for spamming attacks, to capture keystrokes, steal passwords or take over a users' identity.

Webroot recommends that Internet users only download presidential candidate information from trusted, secure websites, such as the official candidate's website. Additionally, the company suggests users run updated versions of best-of-breed antispyware and antivirus solutions and to scan their entire system at least once a week. There are a few simple things Internet users can do right away to help prevent further spyware infection:

  • Update your operating system and security patches regularly
  • Increase your browser security settings
  • Only download software from sites y1ou trust
  • Use antivirus protection and a software firewall
  • Always include a best–of–breed antispyware
  • Use privacy software to remove passwords and IDs after using them
  • Install only mainstream software and read the End User License Agreement (EULA)

"We initially saw these types of spoofs surrounding the Barack Obama and Ron Paul websites," added Irwin. "But we are finding that the spoofs intensify at the end of the month and will expect to see them intensifying as the candidate sites begin to see more traffic during the later phases of the campaign or during major fund–raising drives."

For a complete list of the official campaign Website, please see below.
The Official 2008 Presidential Candidate Websites

  Joe Biden:
http://www.joebiden.com/
   Sam Brownback: http://www.brownback.com/
  Hillary Rodham Clinton: http://www.hillaryclinton.com/   Rudy Giuliani: http://www.joinrudy2008.com/
  Chris Dodd:
http://chrisdodd.com/
  Mike Huckabee: http://www.mikehuckabee.com/
  John Edwards:
http://johnedwards.com/
  Duncan Hunter: http://www.gohunter08.com/
  Mike Gravel:
http://www.gravel2008.us/
  John McCain: http://www.exploremccain.com/
  Dennis Kucinich: http://www.dennis4president.com/   Ron Paul: http://www.ronpaul2008.com/
  Barack Obama:
http://www.barackobama.com/
  Mitt Romney: http://www.mittromney.com/
  Bill Richardson: http://www.richardsonforpresident.com/   Fred Thompson: http://www.fred08.com/

©2014 Webroot Inc. All rights reserved. Webroot, SecureAnywhere, and Webroot SecureAnywhere are trademarks or registered trademarks of Webroot Inc. in the United States and other countries.

SOBRE WEBROOT

Webroot® is the market leader in cloud delivered security software as a service (SaaS) solutions for consumers, businesses and enterprises. We have revolutionized Internet security to protect all the ways you connect online. Webroot delivers real-time advanced internet threat protection to customers through its BrightCloud® security intelligence platform, and its SecureAnywhere™ suite of security products for endpoints, mobile devices and corporate networks. Mais de 7 milhões de consumidores, 1,5 milhões de utilizadores empresariais e 1,3 milhões de utilizadores móveis encontram-se protegidos pela Webroot. Market leading security companies, including Cisco, F5, gateprotect, Palo Alto Networks, RSA, SOTI, Telenor, and others choose Webroot to provide advanced Internet threat protection for their products and services. Fundada em 1997, com sede no Colorado, a Webroot é a maior empresa privada de segurança na Internet dos Estados Unidos, operando a nível global em toda a América do Norte, Europa e na região da Ásia-Pacífico. For more information on our products and services, visit www.webroot.com.