The press is widely reporting the Wikileaks postings of John Podesta’s emails. John Podesta is Hillary Clinton’s campaign manager. How was John Podesta’s email account compromised? The Associated Press provides a step-by-step account of how, it appears, Podesta’s emails were stolen.
Step 1. The hackers sent Podesta an email telling that someone was trying to log into his gmail account and he should reset his password. This is the email that is posted in Wikileaks:
Step 2. Podesta, to his credit, sent this to his IT experts for advice.
Step 3. Clinton’s campaign help desk staffer Charles Delavan wrote back 25 minutes later: “This is a legitimate email. John needs to change his password immediately.” Unfortunately, the IT guy was wrong and this was not a legitimate email.
Step 4. Podesta took the IT expert’s advice to change his password and clicked the change password link (highlighted about in yellow) in the email that IT had identified as legitimate.
Step 5. Bad things happened.
Wouldn’t it be nice to have a tool that helped to identify real email? That tool is SP Guard.