Spam the Vote: Ron Paul Spam Surfs into Inboxes

Spam supporting presidential hopeful Ron Paul filled inboxes this week as zombie computers spewed thousands of messages to recipients, according to spam experts. The spam supporting Paul was sent using the same illegal spam methods used to distribute masculinity enhancement products and pump-and-dump penny stock schemes.

Experts suggest getting used to it. They expect that during this election cycle things are going to get ugly as campaigns, spammers, unruly supporters, and even rival camps use blogs, inboxes, YouTube videos, and search engines to spam the vote.

In this case, the Ron Paul 2008 Presidential Campaign Committee vigorously denies sending the spam, approving its distribution, or having any ties to its senders. Security experts analyzing the deluge agree the official organization is likely not the source.

Or, as everyone discussing the deluge noted, the spam may have been sent by someone trying to make Paul look bad by associating him with spamming.

"It's a tactic that we've seen many times in the past," says Sam Masiello, director of threat management at e-mail security firm MX Logic. "We just didn't expect to see it start happening so early this year."

With Friends Like These . . .

Security experts contacted report seeing this week waves of identical spam that supports candidate Paul. In each instance, the spam was sent using a botnet, which is a network of hijacked consumer or commercial PCs that are often used surreptitiously by hackers to send spam.

MX Logic's Masiello says the spam messages sent on Paul's behalf didn't contain malicious surprises.

Instead, the Ron Paul spam contained only written requests to support Paul's presidential bid. E-mail subject lines of the spam messages featured various come-ons, such as "Who Is Ron Paul?" "Ron Paul Eliminates The IRS!" and "Ron Paul Wins GOP Debate!"

"We suspect an overzealous and well-intentioned Ron Paul supporter sent these messages," says Jesse Benton, spokesperson for the Ron Paul 2008 Presidential Campaign Committee. Benton suggests the spam may have been sent by someone interested in discrediting Paul by associating his campaign with spamming.

A Paul spam surge was spotted Monday by several security services, including SophosLabs, which quickly began blocking the messages. MX Logic tracked the spam coming from hijacked PCs from Europe, South America, and Australia. The security services say volumes of Paul spam have dropped considerably by Friday.

What is unique about the Paul spam is that it doesn't try to entice the recipient to do anything, such as visit a page loaded up with malware. It's a common tactic of virus-spreaders or phishers to lure recipients into opening an enticing message with a spoofed return address--inviting them to donate money to California fire victims, for example, and instead harvesting the credit card information for nefarious purposes. That kind of spam could cause a backlash on Paul, even if his campaign had nothing to do with it.

Security experts expect political spam will soon be used to carry more than political messages. Representatives of Internet security firm SonicWall say they have already seen political-themed spam used to entice people to open messages containing links to viruses and worms including the so-called Storm worm.

The spate of spam supporting Paul does not urge recipients to fork over personal or financial information, says MX Logic's Masiello. "It just asks you to support Ron Paul," he says.

Political Spam Goes Web 2.0

Accusations that supporters of Paul are using spammy tactics to promote the candidate don't stop with e-mail. The suspicious point out that Paul garners a disproportionate amount of support online (as measured by Web-based polls, mentions in blogs, and frequency of Web searches conducted by users related to "Ron Paul") compared to voter interest polls conducted offline. That fact may suggest Paul's online supporters are stuffing the virtual ballot by voting early and often at political polling Web sites.

Benton chalks up the lopsided support online verses offline by noting that Paul has won some of the tech savvy-voters by supporting issues such as an Internet unfettered by government regulation.

While current Paul-promoting political spam poses little security threat to users, spam that promotes candidates could overwhelm the systems used to block unwanted e-mail, say security experts.

Last presidential election MailFrontier, now owned by SonicWall , reported that in days leading up to the 2004 presidential election one percent of all spam -- more than 40 million messages daily -- were political. Spam topics included both President Bush and Sen. John Kerry.

This campaign season is likely to see spammers adopting new technology to get their candidates' messages out, moving beyond botnets that spew spam. One technique is called Google bombing, which tricks a search engine's ranking algorithms by flooding the Web with links and sites of a certain theme. Google bombs were used last year against 50 Republicans up for re-election. Liberal bloggers at Direct Democracy admitted to targeting the Republicans and did their best to influence Google search results to refer searches for candidate information to unflattering Web sites and articles about individuals running for office.

Brace Yourself

Unsolicited political messages are specifically exempt under the federal CAN-SPAM Act, which sets rules for mass messaging and provides penalties for violations. Mass mail must provide the actual source as a return address and offer an opt-out from future mailings. However, any use of bots to disguise the source of e-mail is illegal.

Other types of expected political spam beyond the inbox variety are so-called splogs or comment spam, which is an automated technique used to add comments to blogs or create Web pages promoting a commercial or -- in this case -- political cause. Other recent techniques of spamming include people who create decoy YouTube videos that promise one thing but deliver a commercial or political message.

The reason we see this is because in a tight race spam (in its various incarnations) can shape public opinion just as spammer peddling diet pills always find customers, says Andy Klein, SonicWall product marketing manager.

And this, mind you, is the dark side of political spam, not to be confused with the volumes of legitimate political e-mail from candidates and their supporters sent by legitimate e-mail channels that is also likely to multiply in our inboxes over the next 12 months.