That Political ‘Call to Action’ Might Actually Be a Scam
I’m just a humble immigrant, but as a mere (legal!) guest in the United States, I can’t help but notice that the country is rather, shall we say, politically divided these days (sorry if pointing that out seems rude). It seems that international scammers have also noticed this and are taking advantage of it in subtle ways.
Recently, investor Fred Benenson blogged about a sophisticated phishing campaign targeting SendGrid users. Phishers sent emails claiming that the company was going to add a large “ICE Support” button to the bottom of every outgoing email unless users unsubscribe. The emails also included a large blue button promising to help you deactivate the message, which, when clicked, naturally led to a fake version of SendGrid that would allow scammers to steal login information.
As far as scams go, that’s not a bad thing: phishing emails work best when they provoke a feeling of panic. This way, you’re less likely to think critically about them and just take action. It’s not hard to imagine this particular email being effective, given the current political climate. Let’s say you run a fair trade coffee company: you wouldn’t want a giant “Support ICE” button under your signature at this point in history.
But the trick didn’t just target left-wing organizations: variations on the theme claimed the company would also add pro-LGBT+ and Black Lives Matter banners. You see, the various political messages aren’t really the point of the scam: the point is to get business owners to panic about projecting the “wrong” values so that they click on the link and give away their login information. Scammers rely on psychological tricks to lure their victims, all designed to make you stop thinking rationally. Exploiting the American political divide seems like a great way to achieve this.
Political phishing schemes are not new
This is just the latest example of a scam that uses politics as a tool. In 2020, a fake Black Lives Matter election campaign spread malware by posing as a county official seeking comment on the then-burgeoning political movement. People on both sides of the partisan divide eventually got out and got infected.
And then there are campaigns where people pose as politicians and beg for donations: In 2024, Lifehacker reported on a series of political donation scams that cropped up during the presidential election cycle. This trend continues to grow, according to Stacey Wood, a fraud expert writing for Psychology Today. “What is particularly difficult for consumers and voters is that legitimate campaign operatives use many of the same common persuasion techniques that fraudsters employ,” she writes.
What do you think of it so far?
All of this is to say that international scammers have equal access to American media, are aware of our political divisions, and know how to use them effectively to exploit your emotions to steal your money.
How to spot a political phishing scam
What can you do to protect yourself? First, be aware of the tricks scammers use and always approach your inbox with skepticism. Before clicking on a link from an unknown sender or in an unsolicited email, hover over it to see if it goes to a website that appears legitimate. Better yet: avoid clicking links altogether and go directly to a given service’s website by typing it into your browser.
Remember, it’s easier to fall for a scam than you think, so it pays to be skeptical, especially when you encounter a call to action designed to make you react in panic.
