On March 19 of this year, hackers believed to be working for the Russian government sent an email to Hillary Clinton’s campaign chairman John Podesta, trying to trick him to click on a Bitly link and then give up his Gmail password.
Podesta fell for it, and that opened the door for the hackers to break into his Gmail account, as Motherboard first reported last week. But a new email published on WikiLeaks on Friday reveals that Podesta was suspicious of the phishing email, and asked Clinton’s IT staff for help.
Read more: Would You Click on These Fake Gmail Alerts?
Charles Delavan, the IT Helpdesk Manager for the Clinton campaign, appeared to fall for it too, however.
“This is a legitimate email,” Delavan responded, according to the leaked email. “John needs to change his password immediately, and ensure that two-factor authentication is turned on his account.”
Delavan was responding to an email from Podesta’s chief of staff Sara Latham, who had forwarded the fake Google alert email sent by the hackers. That email contained the Bitly link that security firm SecureWorks has linked to the Russian hacking gang Fancy Bear, the same one believed to be behind the hack on the Democratic National Committee.
To Delavan’s credit, he did not suggest Podesta click on the email, but rather advised him to go to the real Google website where he could have changed his password and enabled two-factor.
“It is absolutely imperative that this is done ASAP,” Delavan wrote, sending the email to both Podesta’s chief of staff as well as the campaign’s Chief Information Officer.
The Bitly link sent to John Podesta contained his personal information encoded, including his email address and even his profile picture. (Image: Thomas Rid)
It’s unclear if Podesta clicked on the phishing email and gave up his password before forwarding the email to his staff, or was led to make that fatal mistake after Delavan and the rest of the IT team failed to spot that the alert was a phishing email.
Neither Delavan nor a Clinton campaign spokesperson responded to a phone call seeking comment on Friday afternoon.
Either way, once again, this shows that even trained professionals can sometimes fall for well crafted phishing emails.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.
from Hillary’s IT Guy Was Confident Phishing Email Wasn’t a Phishing Email