
Phishing Gets Political


Online scams purporting to solicit campaign contributions have already started.



Phishing scammers have gone political, message-filtering firm SurfControl said Wednesday.

For the first time, phishers have targeted people who contribute to political campaigns, SurfControl said as it rolled out an alert about a pair of messages that masquerade as contribution come-ons for the Kerry-Edwards ticket.

"We've been on the lookout for messages like these for the past month," said Susan Larson, SurfControl's VP of global content. "But they're definitely the first to actually appear."

The messages, complete with legit-looking logos, carried subject heads of "President John Kerry, please vote and contribute," and included links to Web sites where users could use their credit cards to make a contribution. In reality, the sites were bogus--one hosted from the United States, the other from India--and have since gone offline.

That's not unusual, said Larson, who noted that phishing sites cut and run quickly to avoid prosecution. Other phishing experts back her up. The Anti-Phishing Working Group said Tuesday that the average lifespan of a phishing site was just 2.25 days.

That phishers are using a political angle shouldn't be much of a surprise. Candidates in the 2004 race have ventured into online advertising like never before, leading some analysts to anticipate a banner year for political advertising online. Kerry's campaign has posted ads on more than 100 Web sites asking for $50 contributions.

And although the political disguise is a new mask for phishers, it fits nicely with scammers' habits, said SurfControl's Larson. "Anything that's topical, emotional, and looks urgent is perfect fodder for them," she said, noting that political contributions fit all three. "It's no coincidence that these appeared just days after the Democratic National Convention. People invigorated by the convention are more likely to volunteer information like credit-card numbers."

There are no "dirty tricks" behind this, she said, and the fact that the Democrats were hit first is simply because they've been most in the news of late.

"It's purely economics," said Larson. Phishing scams' goals are almost always the same: entice consumers to divulge precious personal information, such as credit-card and bank-account numbers.

"We should definitely expect more scams like this," said Larson, who added that she anticipates similar schemes to target Republican contributors once that party wraps up its convention in New York in early September.

The politically astute might have noticed that the come-ons were for direct contributions to the Kerry-Edwards campaign, which stopped accepting donations after the pair took their party's nomination last week. "When some see that it's after money right to the campaign, they might have gotten wise," said Larson.

The Democratic National Committee, however, is accepting donations--and could be the next target of a scam once phishers realize their messages are seen for what they are: fake.

The most worrisome aspect of these attacks, she said, isn't that they hide behind a political disguise, but that they're just another example of the lengths to which phishers go. "They're getting very devious," Larson said. "The more we warn people, the more they change their tactics."

As an example, she pointed out that one of the two messages included an alert in large red type that read: "WARNING! If this E-mail is from any address that includes @JohnKerrys.com it is not an official email from Kerry-Edwards, 2004, Inc. Do not donate using any link in this E-mail."

"They're trying to fool people by saying 'do not send money to any other site,' that our identity is legitimate."


