Continue Reading Below
"Phishing" is a type of scamming tactic in which bad actors design fraudulent emails and websites that look real in an effort to trick vulnerable users into giving out sensitive information like credit card numbers.
Avanan analyzed 1.3 billion emails sent to employees at 1,000 North American corporations between October 2019 and January 2020 and came across thousands of messages that used candidate names and logos meant to trick people into clicking on bad links and giving out personal information.
"Candidates are such a prime source for phishing," Avanan Director Dylan Press told FOX Business, adding that candidate names get a lot of attention, especially now that the U.S. is months away from another presidential election.
Trump's name was used in phishing emails more than all the other Democratic candidates combined because he has "the most name recognition out of anyone, and he stirs up an emotional response," Press said.
The candidate phishing technique is becoming increasingly popular leading up to the 2020 election. The use of candidate names in these scams nearly doubled from October to November, according to the study.
Major events also make candidate names more recognizable and therefore clickable in scam emails.
Scammers used former Vice President Joe Biden's name more frequently when the impeachment trials began and news surrounding his son Hunter Biden began to emerge, the study shows. The use of billionaire Michael Bloomberg's name increased 250 percent after he announced his candidacy.
Former South Bend, Indiana, Mayor Pete Buttigieg's name appeared in phishing emails more frequently after he held a swanky fundraiser in a Napa Valley, California, wine cave, the study found.
Bad actors have the same idea as marketers, Press said, but instead of simply trying to get a message out to the masses, they are targetting "a very anxious population."
These realistic phishing emails using candidate names include URLs to sometimes equally as legitimate-looking websites that encourage people to give out email addresses, credit card information and more. They are designed to make users believe they are signing up for a newsletter or donating to a campaign when they are actually giving out personal data to bad actors.
It is common for campaigns to come out with new website domains related to different proposals and initiatives, so scammers are able to easily create websites that successfully imitate campaign sites "in under an hour," Press said.
If a candidate introduces a new policy, his or her campaign might release a new domain dedicated specifically to that policy.
When former Joe Biden launched his "Todos con Biden" Hispanic outreach campaign without a website already designed for the program, the Trump 2020 campaign bought the domain todosconbiden.com, which now leads to a page that reads, "Opps, Joe Bien forgot about Latinos" in English and Spanish.
If the Trump 2020 campaign can pull off such an effort, scammers can certainly do the same.
"A lot of entry-level developers can make a website look legitimate," Press said, adding, "It's very easy to copy someone's website. An email can look perfect, and it doesn't have to imitate a campaign, specifically. It could be another domain pretending to be a Super PAC.
To avoid being tricked into giving out personal data to scammers, people should avoid clicking on links in emails that come from unfamiliar addresses, even if they use a candidate's name or logo.
"There is no reason to click on that email," Press said. "If you want to donate to anyone, Google their website, and I guarantee the first thing you'll see will be a [legitimate] donation link."