Feds warn election officials of potentially malicious ‘typosquatting’ websites

It's part of a heightened defensive tempo that officials are on in an election year.
(Getty Images)

The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations.

The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections.

“These suspicious typosquatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.”

Typosquatting is an issue that litters the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found a number of instances of typosquatting that spoofed 2016 presidential campaign websites.


The FBI identified the websites between March and June, according to the bulletin, which cited “recent FBI reporting from a collaborative source whose reporting has not been corroborated.” There have not been any known malicious incidents associated with the suspicious domains, a person familiar with the bulletin said. Some of the websites may simply be bogus instead of malicious, the person said.

Yahoo News was first to report on the DHS bulletin.

The DHS advisory is part of a regular stream of threat intelligence that federal officials send to state and local election officials. In March, after a local Missouri election official clicked on a malicious email, word of the incident quickly reached state officials and DHS warned officials about the email. The incident didn’t escalate and no voter data was compromised.

The incident was a reminder that federal and state work on election security has grown much more collaborative since Russia’s interference in the 2016 election, after which it took federal officials many months to formally notify states that their IT systems had been probed.

U.S. intelligence officials have repeatedly said that Russia, China and Iran, along with other foreign countries, have attempted to interfere in the 2020 U.S. election.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts