Those darn Russian hackers. We need to increase our security. Or increase our employee’s awareness of security issues such as phishing. One link click opened up the email account of a Hillary election employee.
The email was a fake warning from hackers that appeared to be from Google, telling Podesta to change his password through a link they provided. The “phishing” scam is a popular one that depends on the gullibility of the victim.
Or a typo:
“This is a legitimate email,” Charles Delavan, a Clinton campaign aide, replied to another of Mr. Podesta’s aides, who had noticed the alert. “John needs to change his password immediately.”
Having read the message, Podesta must have thought it was OK to click the link and reset his password — exactly the opposite of what Delavan intended.
Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an “illegitimate” email, an error that he said has plagued him ever since. And that’s how more than 60,000 emails of Hillary’s top aides fell into the hands of allegedly Russian state-sponsored hackers.