Voters in 2 states report threatening ‘Vote for Trump’ emails

Nick Corasaniti, Ben Decker and Stephanie Saul, The New York Times

Posted at Oct 22 2020 12:18 AM

Voters in Florida and Alaska reported receiving menacing and deceptive emails Tuesday that used false claims about public voting information to threaten voters: “Vote for Trump on Election Day or we will come after you.” (There is no way for any group to know for whom individual voters cast their ballots.)

One of the emails, obtained by The New York Times, came from an address that suggested an affiliation with the Proud Boys, a far-right group. But metadata from the email shows that it did not come from the displayed email address — “info@officialproudboys.com” — but instead originated from an Estonian email server.

The email obtained by The Times had been sent to a voter in Gainesville, Florida, and was nearly identical to dozens of others that had been reported in the city. Voters in Brevard County, Florida, and Anchorage, Alaska, also reported receiving similar emails.

Mayor Lauren Poe of Gainesville said in an interview that the emails were “a very brutish way of trying to intimidate people from going to the polls,” but that none of the voters he had talked to seemed to have been fooled.

“Most people who had gotten it realized that it was a scam and that there was really no way people were going to find out who you vote for,” Poe said. “So now I think people are just a little annoyed by it, or think it’s kind of comical how ham-fisted it was — but don’t seem very panicked.”

Federal and local law enforcement authorities in Florida are investigating the emails and have put out alerts on social media to warn voters.

“We here at the Sheriff’s Office and the Alachua County Supervisor of Elections are aware of an email that is circulating, purported to be from the Proud Boys,” the Alachua County Sheriff’s Office wrote on Facebook. “The email appears to be a scam and we will be initiating an investigation into the source of the email along with assistance from our partners on the federal level.”

Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, said on Twitter that the agency was “aware of threatening emails with misleading info about the secrecy of your vote.”

“Ballot secrecy is guaranteed by law in all states,” Krebs added. “These emails are meant to intimidate and undermine American voters’ confidence in our elections.”

T.J. Pyche, a spokesman for the Alachua County elections supervisor, said the county had begun receiving reports around 10 a.m. Tuesday that people were receiving the emails. He estimated that hundreds of people in the county had received them.

The county contacted local law enforcement officials, the FBI and the Department of Homeland Security. At the University of Florida, emails were removed from the inboxes of about 200 people.

In the email that The Times reviewed, metadata shows that the original email came from vhost43553f0@avalik.koolibri.ee, an Estonian mail server hosted on ElkData.ee, one of the country’s domain hosting services.

It remains unclear how many voters in Florida, Alaska or other states received similar or identical emails.

Each email begins by directly addressing the voter with his or her full name. It continues:

“We are in possession of all your information You are currently registered as a Democrat and we know this because we have gained access into the entire voting infrastructure. You will vote for Trump on Election Day or we will come after you. Change your party affiliation to Republican to let us know you received our message and will comply. We will know which candidate you voted for. I would take this seriously if I were you.”

The email then concludes with an address, most likely the address attached to a voter’s registration.

Kevin R.B. Butler, a professor of computer science at the University of Florida, said that while the emails appeared threatening, they were not highly technical.

“The emails are clearly alarming by the content of them and the seemingly targeted nature of them, so I can understand why people would be very alarmed to get an email like this,” he said. “But the emails themselves are not a particularly sophisticated type of operation.”

“Under Florida law, we’re fairly liberal about what’s available to the public when it comes to voter registration lists,” Butler added. “Your name, your address and your party affiliation — all of that is recorded. So getting this information is not particularly challenging.”

In most states, voter registration data is public information, available free or through a processing fee. But that information has occasionally been weaponized by bad actors trying to claim that they have obtained voting information via hacking.

The emails sent to voters Tuesday also underscored just how public some information is regarding voter registration, including email addresses. In Alachua County, which is home to Gainesville, the email addresses for tens of thousands of voters were publicly available.

John Hultquist, the director of threat intelligence at FireEye, a Silicon Valley cybersecurity firm, said the emails appeared to simply be “voter intimidation that leverages the anonymity of the internet.”

He added, “Twenty years ago, it might have been done through the mail.”