Spearphishing “Prank” Fools White House Officials

As reported by CNN and others, a UK prankster was able to trick Tom Bossert, the White House DHS Advisor, and Anthony Scaramucci, the then White House Communications Director. The prankster sent Bossert an email pretending to be Jared Kushner. The prank email to Scaramucci pretended to be from former Chief of Staff Reince Priebus.

This is from the Kushner-Bossert email thread:

Jimmy Kimmel, the ABC TV late night host, noted that the email said, “SUSPECTED_SPAM,” yet Bossert took the bait.


Bossert’s actions show the deceptive power of a well-crafted email. The prankster used facts that he discovered about Bossert and Kushner (in this case, that they had spent time together in Iraq) to create a credible deception story.  With this fact, the prankster was able to trigger the Vishwanath triad of perceived relevance, urgency clues and habit — despite the “SUSPECTED_SPAM” notation.  While it is easy to point a finger at Bossert, what does “Suspected spam” actually mean?  It is a warning of danger or it is a filter’s best guess as to relevance?  Or both?  How often do you check your spam folder for emails that shouldn’t be in spam? How often are you instructed to check your spam folder for confirmation emails? How useful is a spam warming?

2017-08-08T15:49:05+00:00 August 8th, 2017|Cybersecurity - General, Phishing, spear phishing|