Symantec is offering a free tool for US campaigns and election officials to fight fraudulent websites, the company announced Tuesday. The feature could help take away an important weapon in thearsenal: the spoof website. Lookalike websites could imitate official government sites and report false information about candidates or voting. What’s more, they’ve already been used to imitate a login page to trick campaign workers to enter their valuable usernames and passwords. That approach, called phishing, was key to letting hackers gain access to the emails and internal documents of important Democratic Party organizations and key figures in Hillary Clinton’s 2016 presidential campaign, according to of the Russian hackers alleged to have stolen and leaked emails from the groups.
Symantec offers its tool — called SpoofProof — as election officials are trying to batten down the hatches for the 2018 midterm elections. Concerns over election hacking are increasing as experts say it’s too late to stop hackers in this election cycle, but there still may be hope for 2020. Symantec’s free tool won’t take on the problems of hackable voting machines or remove every hacking strategy from the table for well-funded hackers.
Still, there’s no denying phishing and spoofed websites are a big part of the problem. What’s more, phishing has proven one of the hardest cybersecurity problems to fight since the dawn of email, because hackers can create very convincing fakes, and because one mistake from a human being is all it takes to let hackers run amok. (The FTC suggests that you be cautious about following links in emails and that you use two-factor authentication to avoid letting hackers make your inbox their playground.)