US

Clinton’s Campaign Fooled By An Obvious Phishing Scam

REUTERS/Joshua Roberts/Files

Daily Caller News Foundation logo
Blake Neff Reporter
Font Size:

John Podesta’s email account may have been hacked because Hillary Clinton’s tech team told him a phishing attempt was a genuine email from Google, newly-leaked emails reveal.

The chain is from the latest batch of emails released by the online hacktivist group Wikileaks. Notably, the emails are dated March 19, 2016, making them chronologically among the most recent emails yet released.

In the email chain, Clinton IT employee Charles Delavan responds to a forwarded message that appears to be from Google warning Podesta of a hacking attempt.

“Hi John,” the “Google” email says. “Someone just used your password to try to sign in to your Google Account john.podesta@gmail.com.” The message then gives the details of an IP address based in Ukraine.

“Google stopped this sign-in attempt. You should change your password immediately,” the email continues, before providing a helpful link for Podesta to do just that. (RELATED: Reddit Declares War On Hillary’s Paid Trolls)

The link wasn’t a real message from Google. Instead, the shortened link appears to have itself been a phishing attempt, an effort to suss out Podesta’s email password by having him “change” it. Copying the link from the email into Google Chrome immediately produces a big safety warning from Google itself:

The warning that a "Google" link in John Podesta's inbox was likely a phishing attempt. [Google Chrome screengrab]

The warning that a “Google” link in John Podesta’s inbox was likely a phishing attempt. [Google Chrome screengrab]

But disastrously, Clinton’s IT team didn’t spot the fraud. Instead, Delavan said it was a genuine message from Google.

“This is a legitimate email,” Delavan said. “John needs to change his password immediately, and ensure that two-factor authentication is turned on his account … It is absolutely imperative that this is done ASAP.”

Delavan’s message was then passed on to staffer Milia Fisher, who was told to fix Podesta’s email. Delavan did provide an alternative, legitimate link where Podesta could change his password, but it’s possible that Fisher (or Podesta himself) ended up using the original phishing link instead. If that’s what happened, then it would explain how Podesta’s email was successfully hacked, and it would explain why the leaked emails appear to cut off two days later, on March 21.

Send tips to blake@dailycallernewsfoundation.org.

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.