Research from DataDome shows political donation sites are a target for malicious actors. The research suggests that as the election season draws closer, the increase in political donations may attract cyber criminals and cause them to target political donation websites in greater volume. Protecting donation sites is essential to ensure not only the secure transfer of funds, but also to defend donors personal information such as names, addresses and credit card information.
The research evaluated three major donation sites in the United States, finding two of them lacked critical security measures. These two platforms were depending on basic defenses, which according to the research, are insufficient against today’s modern cyber threats. Only one platform deployed two-factor authentication, and no platform sufficiently protected against bot traffic or credential stuffing.
According to the research, the implications of this lack of security are three-fold:
- Malicious actors could gain access to user accounts, scraping for sensitive information (such as credit card information). This may leave users vulnerable to identity theft or financial fraud.
- In the event of a breach, the platforms could face chargebacks, fraudulent activities and even legal fees.
- Fundraising efforts may become impacted, as a breach may damage the reputation of a platform and cause potential donors to avoid contributing.
The research encourages political campaign donation platforms to improve security measures as the election season draws near.
