Scammers Spoof MAGA Hat Vendors to Steal $2.3m from Republicans

The Wisconsin Republican Party (WisGOP) has been left red-faced after a suspected Business Email Compromise (BEC) attack stole millions of dollars intended to support Donald Trump’s re-election bid.

The party issued a statement on Thursday revealing that it discovered a phishing attack a week previously, on October 22, and promptly notified the FBI.

According to the statement, attackers had forged invoices and sent them to the party under the names of legitimate WisGOP vendors.

This sounds like a classic BEC attack, in which cyber-criminals hijack a target’s inbox via phishing to monitor emails sent back and forth with vendors. They’re then able to spoof those vendors, sending invoices to the targeted organization with their own bank details at the bottom.

“Cyber-criminals, using a sophisticated phishing attack, stole funds intended for the re-election of President Trump, altered invoices and committed wire fraud. These criminals exhibited a level of familiarity with state party operations at the end of the campaign to commit this crime,” said state party chairman, Andrew Hitt.

“While a large sum of money was stolen, our operation is running at full capacity with all the resources deployed to ensure President Donald Trump carries Wisconsin on November 3.”

The attack has extra significance given that Wisconsin is a key swing state which Trump won by only around 20,000 votes last time, so every last penny will be needed as both parties step up their campaigning.

According to reports ..

Support the originator by clicking the read the rest link below.