The emails came from an address that appeared to be affiliated with a far-right group, though an analyst who reviewed one email obtained by CNN said it had been sent using foreign internet infrastructure.
The identity of the person or group behind the messages was unknown, said TJ Pyche, a spokesperson for the Alachua County Supervisor of Elections in Florida.
Pyche said his office “got flooded with phone calls and emails” from dozens of voters about the messages Tuesday and immediately reached out to local, state and federal law enforcement, including the FBI.
University of Florida spokesperson Steve Orlando said 183 people, including students, staff and alumni, received the emails.
The Lawyers’ Committee for Civil Rights Under Law received about three dozen reports of voters getting similar email messages Tuesday and at least one of those was from Arizona, said Kristen Clarke, president and executive director of the organization. “Regardless of who is behind this effort it seems the goal is to discourage people from freely casting their ballots,” Clarke said.
A spokesperson for the Alaska Division of Elections, Tiffany Montemayor, said the state is aware of Alaskans receiving similar emails and said, “We’ve forwarded that information to the appropriate federal agencies for their review.”
The FBI did not respond to a request for comment.
A spokesperson for the Cybersecurity and Infrastructure Security Agency said in a statement that it is aware of the emails.
“While we are looking into the emails, we can tell you this: your vote IS secret,” the spokesperson said. “These emails are meant to intimidate and undermine American voters’ confidence in our elections. Don’t fall for sensational and unverified claims. Visit CISA.gov/rumorcontrol to get more facts about elections and election security. #Protect2020″
Roxanne Palmer — a resident of Alachua County, Florida, who is a Democrat — said she found one of the emails in her spam folder.
The email was sent from “firstname.lastname@example.org” and demanded that she vote for Trump “or we will come after you,” according to a copy she forwarded to CNN.
“I’m not worried about it,” said Palmer, who said she interpreted the message to more likely be a scam or stunt than an actual threat. “I’m sure it’s just someone taking advantage of a lot of the fear and tension.”
Enrique Tarrio, the chairman of the Proud Boys, said the email “is definitely not” from the Proud Boys.
“We have spoken to the FBI and are working with them. I hope whoever did this is arrested for voter intimidation and for maliciously impersonating our group,” Tarrio said.
Tarrio said the website Officialproudboys.com is one of their official websites but it has not been updated for weeks and is down because they have migrated to another website.
“We don’t send emails. This is someone spoofing our emails and website,” Tarrio told CNN.
Lt. Becky Butscher of the Alachua County Sheriff’s Office said her office is “trying to do the best we can to track down the originator” of the messages but she said a deeper investigation of the emails is happening at “a higher level.”
CNN asked John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, to review metadata contained in the email sent to Palmer.
He said the email had been sent using internet infrastructure in Saudi Arabia. Vice News earlier reported that it had obtained an email that had been sent using infrastructure in Estonia.
“This isn’t someone with a fake email account sending messages. This is an operation. The questions will be: how big was it, how many were targeted, and how well were tracks covered,” he said.
“It appears that the operators likely leveraged multiple insecure servers that they probably didn’t own in different countries, including Saudi Arabia, to send messages.”
He said it would take a careful investigation to determine who might be behind the emails or whether they are operating inside the US or abroad.
“To investigate this properly will likely require cooperation between major platforms, researchers, and US law enforcement,” he said, noting that a platform like Google, which runs Gmail, would need to track down other messages that were sent.
“We have to be careful with hot takes but recognize this for what it is. A warning sign that the shenanigans have begun and that this case needs investigating. Many other things like this may be inbound,” he added.