Network News

X My Profile
View More Activity
About this Blog   |   On Twitter   |   Follow us on Facebook   |   RSS Feeds RSS Feed

Update: George Mason Hoax E-Mail Tracked

Here's an update from my colleague Brian Krebs, who writes this washingtonpost.com blog:

An e-mail hoax telling 35,000 George Mason University students, faculty and staff, that the election had been moved to Nov. 5, was sent through servers run by a D.C. based company that seeks to help political campaigns promote their messages online.

The fake e-mail, sent just after 1 a.m. this morning to a campus listserv, was crafted to appear as though it was sent from GMU's provost. In a follow-up e-mail sent this morning by the real GMU provost, the university said the hoax was perpetrated by someone who had apparently "hacked into" the school's e-mail system.

But information sent to washingtonpost.com by a GMU student indicates that the hoax succeeded because of a lack of proper filtering on the university's e-mail servers. In addition, it appears that the message was routed through e-mail servers at a local political advocacy group.

According to the information contained in the e-mail header -- a portion of the message that could not be faked -- the bogus alert was routed to the university though servers at wiredforchange.com, a company in Washington, D.C., that provides e-mail and fund-raising services to Democratic and progressive candidates.

Among the group's clients are Va. Gov. Tim Kaine's Moving Virginia Forward campaign and Indiana Sen. Evan Bayh's AllAmerica Political Action Committee Web site.

Chris Lundberg, chief technology officer at wiredforchange.com, confirmed that the hoax e-mail was routed through its servers to GMU from a computer located in Germany. The message was sent via one of the group's "tell a friend" pages, which allows anyone to post messages to a recipient on behalf of campaigns working with or hosted at wiredforchange.com. An example of this feature can be seen here, at the campaign Web page of Paul Newell, a Democrat running for a seat in the Ohio state assembly.

Lundberg said wiredforchange.com does have protections in place to block spammers from abusing the service, but that a single e-mail sent through the system from an Internet address that was not previously included on a spam blacklist would likely get through its servers most of the time.

"We are as pissed off as anyone about this incident, because our whole intention is to maximize turnout for election, not detract from it," Lundberg said.

Still, Lundberg said, the hoax e-mail probably would have failed if GMU's e-mail listserv -- the system set up at GMU to notify all students, faculty and staff simultaneously -- had been configured to ignore requests coming from outside of the university's network.

GMU spokesman Daniel Walsch, declined to comment on the technical aspects of the incident. But he said the university has been fielding calls all morning from students and parents upset or confused about the fraudulent missives.

"This is upsetting and embarrassing and has caused a lot of confusion and concern among people," Walsch said.

Walsh said the university is working with the FBI to identify the source of the messages.

By Josh White  |  November 4, 2008; 2:11 PM ET
 
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Virginians Voting in Record Numbers as Lines Dwindle Midday
Next: Voter Intimidation, or Just Cleaning Up?

Comments

The Common Cause Study, Deceptive Practices 2.0 predicted this kind of behavior and warns against other web related voter deception tactics designed to supress the vote. You can find it here.

http://www.commoncause.org/atf/cf/%7Bfb3c17e2-cdd1-4df6-92be-bd4429893665%7D/DECEPTIVE_PRACTICES_REPORT.PDF

Posted by: laurenColetta | November 4, 2008 2:40 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company