2025 Governors and Legislatures (Projected)
image/svg+xml Skip to main content
Search image/svg+xml

Key Takeaways:

  • Recently, we have noticed an uptick in the frequency of phishing emails that are impersonating government jurisdictions and attempting to trick users into sharing personal and company information related to lobbying activity.
  • Phishing is when attackers attempt to get individuals to reveal sensitive information via malicious emails or other digital communications.
  • A good rule of thumb is to never open an attachment, provide information, or comply with any request within an email you suspect to be a phishing attempt.

Recently, we have noticed an uptick in the frequency of phishing emails that are impersonating government jurisdictions and attempting to trick users into sharing personal and company information related to lobbying activity. Phishing is when attackers attempt to get individuals to reveal sensitive information via malicious emails or other digital communications. They may ask for information about finances, identifying personal details, or credentials that allow them to access email and financial systems.

Fake Lobbying Compliance Emails Designed to Trick You

Below are a few examples of phishing emails we have seen in the lobbying compliance space. 

The first email is impersonating the Baltimore, Maryland, Ethics Board in an attempt to acquire sensitive account information. The email asks that the user click the embedded link and verify the information on file, while also attempting to acquire emails and passwords. The second email is impersonating the Wisconsin Ethics Commission in an attempt to get the user to download and save a file, which likely contains a virus, malware, or a trojan horse. This would allow those carrying out the attacks to access user information.

How To Spot Phishing Emails

It is important to always stay vigilant when it comes to suspicious emails. You should never open an attachment, provide information, or comply with any request within an email that you suspect to be a phishing attempt.

What is the best way to spot these emails? The biggest giveaway is often the email addresses and contact names. While the contact name may look legitimate, investigate the actual email address the message is being sent from — phishing emails are often sent from free email service providers such as Gmail. A legitimate government email will usually always be from that government entity’s domain (e.g., baltimorecity.gov). 

Additionally, experts recommend that you look for poor spelling and grammar or odd requests and threats in an urgent tone. The emails may also have attachments or explicitly ask for financial credentials or other personal information. The FTC’s guide is a great resource for how to identify phishing attempts.

I Think It’s Phishing — What Do I Do Next?

If you are unsure if an email is a phishing attempt you should exercise the utmost caution before opening any attachments, providing any information, or complying with any requests within the email. If the email is a lobbying or PAC compliance email, please don’t hesitate to reach out to the MultiState team if you have any hesitation with an email you have received.