Phishing Scam Exploits Fake Websites to Steal Donations from Trump Supporters

A targeted phishing campaign has emerged, aiming at supporters of Donald Trump by utilizing fake donation websites. The origins of this campaign are still under investigation, with some evidence suggesting links to China. Here’s how to safeguard your personal information and avoid falling victim to this scam.

The upcoming US presidential elections are drawing significant attention from threat actors due to the global spotlight and local public involvement. Following an attack on former president and Republican nominee Donald Trump, his heightened visibility has attracted not only supporters but also scammers. These malicious actors exploit the increased interest to perpetrate crypto scams and collect credentials through phishing schemes.

Recent research by the Israeli cybersecurity firm Veriti reveals that Trump supporters have been targeted by a sophisticated phishing campaign that began on May 21, 2024. Unlike conventional phishing scams, this campaign is focused on soliciting cryptocurrency donations. The scammers are leveraging the “novelty and perceived security” of cryptocurrencies to entice users into what appears to be a secure and anonymous donation process.

The fraudulent campaign features fake websites designed to imitate Trump’s official donation platform. These sites mimic legitimate donation pages by using the WinRed service, familiar branding, and messaging to deceive supporters into making contributions.

Dinner for Donations

Interested in having dinner with Trump at Mar-a-Lago for just $2,000? It sounds too good to be true—and it is. This scam mirrors the layout of the official campaign page, but instead of contributing to a legitimate cause, it fraudulently siphons off your money.

( Fake Site)

( Actual donation page )

For context, WinRed is the official fundraising platform for the Republican Party in the United States. Veriti has identified several malicious domain names involved in the scam:

• winred./online
• winred./today
• donaldjtrump./top

Detecting the scam can be relatively straightforward due to its use of cryptocurrency and deviations from the official donation process. Authentic Trump campaign donations are processed through the WinRed platform, featuring official links such as those for the Trump National Committee and Support Mike Johnson for Congress.

The fraudulent donation websites are visually identical to legitimate ones and share the same cryptocurrency wallets and updated donor lists, indicating a coordinated effort by the scammers.

Veriti’s findings indicate that the phishing campaign remains active, with the latest victim connecting to one of these sites on July 22. Although there have been only minimal cryptocurrency transactions—amounting to a few hundred dollars recorded in an Ethereum wallet and a significant transaction in June—the campaign’s potential for harm remains high.

The origins of this phishing campaign are still under investigation, with some traces of activity pointing to China, but no definitive links to a specific hacking group have been established. The potential damage is substantial, emphasizing the need for vigilance and preventive measures.

To protect yourself from such scams, always verify website URLs and research the legitimacy of organizations before making donations. Look for reviews and testimonials from reputable sources and be cautious of urgent appeals and suspicious links. Scammers frequently use emotional tactics to coerce victims into donating. Additionally, be wary of unsolicited emails and unknown senders