Ron Paul and the Political Spam Machine

So who is Ron Paul, you ask? He is a Texas Congressman running for the Republican nomination for President of the United States in the 2008 election.

Who else is Ron Paul, you ask? He is the subject of a massive spam campaign over the last week (which continues today) where emails are being blasted out on his behalf in an effort to drum up support for his candidacy.

Unlike most spam which generally has all sorts of randomized content in an effort to get past spam filters, the content of these messages are pretty static save for the subject line and a small snippet of random characters at the very end of the message which are otherwise meaningless. Some of the subject lines that we have seen associated with the Ron Paul spam are:

Who is Ron Paul?

Vote Ron Paul 2008!

Iraq Scam Exposed, Ron Paul

IRS Fears Ron Paul?

Ron Paul Exposes Federal Reserve!

Ron Paul Wins GOP Debate!

Each of these subjects have a commonality in that they have 7 random letters at the very end of the subject line in mixed case (upper and lower case) presumably in an effort to throw off anti-spam filters. Folks from the Ron Paul campaign deny having anything to do with the spam run which is originating mostly from botnet machines and open email relays.

This isn't the first time that email has been used as a vehicle to distribute large spam runs containing political motivated propaganda. Back in May, 2005 machines that were infected with the Sober-N worm were being used to mass distribute spam that decried the Dresden bombing and the admittance of Turkey into the European Union. Like those emails the Ron Paul spam messages had no further action required by the end user. Meaning that there was no link to click in the email to visit an internet web site nor was there a distributed attachment.

This brings up a couple of interesting threat scenarios from where I sit:

As the 2008 presidential campaign wears on I would definitely expect to see more political campaign based propaganda spammed out. This particular spam run happened to be pro Ron Paul, but expect to see smear campaigns sent out as well in an effort to build up negative public opinion. It'll be up to the public to be much more diligent in understanding what the candidates true opinions are on the important issues and not assuming what they read in email or on the internet to necessarily be true.

Another possibility that exists here is the potential for the distribution of malware via these spam messages. I could easily see a lure where political messaging is used as a social engineering technique to get people to open an infected attachment or get someone to click a link which takes them out to a malicious web site infected with malware.

As with any current event or subject that people are passionate about criminals will also try to prey upon those feelings and will likely also setup phishing sites posing as campaign contribution sites (similar to how we see fake donation web sites pop up after natural disasters).

So, as always there is a wide open potential for further abuse here and I would not be surprised at all to see them all used over the next year leading up to the elections (exactly one year from today, in fact). Always be careful about what you read, be careful about who you are giving your confidential or personally identifiable information to, but ALWAYS be careful about what you click on. Things are not always as they appear to be.