A surge of racist and bigoted spam messages after the presidential election exposes the vulnerabilities in ad tech and data brokerage systems. This alarming incident reveals how malicious actors exploit personal information, from unregulated voter data to widespread data leakage.
Bad actors aren’t quite as sinister as racism and bigotry, but they played a part in the hateful texts sent to Black Americans, Latino Communities, and LGBTQ+ individuals after the results of the presidential elections.
While authorities, including the FBI and Federal Communications Commission, investigate the origins of these hateful messages, the incident reveals deeper flaws that enable bad actors to exploit personal data easily.
The text messages, many of which contained personal details such as names and addresses, raise serious questions about how malicious actors obtain such sensitive information. Political campaign practices involving purchasing voter data from unregulated data brokers appear to have created fertile ground for this abuse.
How Ad Tech Fuels Malicious Activity
Data brokers often compile information by harvesting web browsing habits, social media profiles, and commercial activity, merging it with demographic and contact information. This data, originally intended for targeted advertising or voter outreach, can easily fall into malicious hands when left unchecked.
The ad tech industry plays a critical role in enabling these activities. Ad tech relies on intricate systems to track, store, and analyze user data for targeted advertising. Unfortunately, bad actors can weaponize this same machinery.
In this case, the perpetrators likely relied on lists acquired or inherited from campaign contractors or purchased through dubious channels. The lack of accountability in this chain creates opportunities for fraudsters and hate groups to weaponize data meant for commercial purposes.
Slave Plantations, Deportation Alerts, and LGBTQ+ Reeducation Camps
The spam texts started the day after the election, targeting Black men, women and children as young as middle school. The FBI found that the anonymous messages were sent in several states—New York, Alabama, California, Ohio, Pennsylvania and Tennessee.
For instance, Tasha Dunham from Lodi, California, shared that her 16-year-old daughter received a disturbing message before basketball practice, directing her to report to a “plantation” in North Carolina—a place they’ve never lived. When they looked up the address, it was a museum.
Initially dismissed as a prank, the message raised serious concerns given heightened emotions after the presidential election. Dunham, reflecting on the historical weight of slavery, described it as “awful and concerning” and reported the incident to local law enforcement.
“I wasn’t in slavery. My mother wasn’t in slavery. But we’re a couple of generations away. So, when you think about how brutal and awful slavery was for our people, it’s awful and concerning,” Dunham said.
Lovely smh….it’s only day 2 after the election https://t.co/r0HaB6Ubnk pic.twitter.com/P7J4U6f9fw
— Wu Tang is for the Children (@WUTangKids) November 7, 2024
And just a few weeks later, similar texts plagued the phones of members from the Latino and LGBTQ+ communities. Anonymous text threats targeting Latino and LGBTQ+ communities have sparked alarm, with thousands blocked by wireless carriers after being flagged, according to Nick Ludlum of CTIA.
Latino students, particularly in California, were targeted with personalized messages, some warning of immigration raids, per Juan Proaño of League of United Latin American Citizens (LULAC). Meanwhile, LGBTQ+ individuals received texts referencing “reeducation camps,” echoing discredited conversion therapy practices.
The Trevor Project, a non-profit suicide prevention organization, reported a surge in crisis calls from LGBTQ+ youth after Election Day, with many expressing fears of losing access to gender-affirming care or facing violence.
Advocacy groups condemned the harassment, emphasizing the toll on marginalized groups’ mental health. “No one should face harassment simply for who they are,” said Janson Wu from the Trevor Project, urging affected individuals to seek support.
The Dark Underbelly of Ad Tech: Data Leakage, Bad Actors, and Fraud
Of course, the ad tech industry is not directly responsible for these hateful spam messages, but many players in the supply chain have fallen victim to the same traps from bad actors.
Data leakage, a pervasive issue where unauthorized third parties collect and exploit user data without consent, is a primary concern for 90% of publishers. This unauthorized data harvesting often occurs through third-party cookies, tracking pixels, and open RTB bid requests, potentially leading to a depreciation of ad inventory value. The impact is substantial, with publishers estimating they could see at least a 21% increase in revenue if they eliminated data leakage. It would also significantly hinder these bigoted spam messages or any scam calls we receive throughout the day.
Unfortunately, digital advertising and data brokerage provide fertile ground for bad actors to exploit personal information. These malicious entities may intentionally misuse audience data, build unauthorized user profiles, and divert programmatic spending from original publishers to cheaper inventory.
The consequences are dire, with 76% of publishers citing “loss of ad revenue” as a top risk resulting from data leakage. To combat these issues, publishers are implementing technical protections, using tools to track unnecessary pixel dropping, establishing clear legal contracts, and regularly auditing their ad tech partners.
As the industry shifts away from third-party cookies, publishers face the challenge of balancing a closed, safe environment with sustainable monetization strategies. This transition presents an opportunity for better data protection and potentially increased revenue but requires vigilance and proactive measures to safeguard against persistent data leakage and fraud threats.
A Wake Up Call
The content of these spam messages is horrifying, but the access anonymous actors have to sensitive demographic data, such as race, sexuality, and cellphone numbers, is deeply concerning. While campaigns use this data to target political ads, it should never fall into malicious hands.
Political candidates’ reliance on apps like TextNow and other internet-based messaging platforms showcases another vulnerability in the system. These tools, designed for convenience, often lack robust safeguards against misuse.
While companies claim to have policies to prevent abuse, their reactive measures—such as disabling accounts after threats are sent—highlight a reactive rather than proactive approach to mitigating harm. This reactive culture is mirrored in ad tech, where bad actors frequently exploit programmatic advertising systems to spread disinformation, commit fraud, and fund unethical activities, all while remaining largely undetected.
This incident should serve as a wake-up call to the ad tech industry, regulators, and society. As we push for innovation and efficiency, we must prioritize transparency and accountability. Stronger regulations on data brokers, more stringent identity verification for messaging platforms, and ethical oversight of programmatic advertising systems are critical to preventing similar abuses in the future. Until these structural weaknesses are addressed, the digital ecosystem will remain fertile ground for the proliferation of hate, fraud, and manipulation.