It was a single email that quite possibly changed the course of history. It was a single email that was used to gain access to thousands of Hillary Clinton and DNC emails. A scandal that is blamed for derailing her campaign, and accelerating Donald Trump’s climb towards becoming the 45th President of the United States.

The Famous Email Scam

Below is the email that scammed Clinton and many others. It looks like a typical message sent from Google, doesn’t it? The only difference being the sender. Would you have picked it up as a fake?

How it Played Out

Anyone clicking on “Change Password” would immediately be letting hackers in, and exposing their entire organization and personal documents. You can read more about the play-by-play here but there are some choice sentences from that article that sharply put this into perspective:
1) The hackers worked their way around the Clinton campaign’s top-of-the-line digital security to steal chairman John Podesta’s emails in March 2016
2) The rogue messages that first flew across the internet March 10 were dressed up to look like they came from Google, the company that provided the Clinton campaign’s email infrastructure
3) The messages urged users to boost their security or change their passwords while in fact steering them toward decoy websites designed to collect their credentials
4) The Clinton campaign was no easy target; several former employees said the organization put particular stress on digital safety
5) Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. Most messages were deleted after 30 days and staff went through phishing drills
6) Documents subsequently published by WikiLeaks show that after the rogue email arrived, the link was clicked, often twice
7) Podesta’s messages — at least 50,000 of them — were in the hackers’ hands

Note to Self

Next time you open an email, ask yourself: “Could I have fallen for this?”, “Am I — and my company — protected enough?”, “Is everyone on my team, on my network, alert to phishing threats — because I am only as strong as my weakest link?” If you’re worried about e-mail safety and phishing, read more about Retruster’s solution.