White House Officials Fooled by ‘Email Prankster’
Can your employees spot a fake email?
A number of White House officials were reportedly tricked by a self-proclaimed “email prankster” based in the U.K. who posed as other senior White House members to solicit responses.
On one occasion, an official in charge of White House cybersecurity mistook the prankster for President Trump’s son-in-law, Jared Kushner, and disclosed his personal email address unprompted, CNN reported.
The mystery emailer has also posed as other administration figures, including Eric Trump and Russian ambassador-designate Jon Huntsman. Pretending to be former White House Chief of Staff Reince Priebus, the anonymous prankster also engaged in a lengthy exchange with Anthony Scaramucci, who at the time was serving as the White House Communications Director before being fired Monday.
White House Press Secretary Sarah Huckabee Sanders acknowledged the incident to CNN, saying that the administration takes “all cyber related issues very seriously” and will be “looking into these incidents further.”
The prankster, who refers to himself as a "lazy anarchist" in his Twitter bio, carried out similar shenanigans earlier this year, emailing several bank executives to see if he could elicit a response.
“While these particular incidents were undertaken to be funny, the implications of how easily the individuals involved were entrapped should be clear,” Tim Erlin, VP of product management and strategy at Tripwire, said. “The difference between this prankster and a serious criminal is only in the disclosure of the results. A serious criminal wouldn’t have shared the outcome with the press. Email spearphishing is a big challenge for cybersecurity, and shouldn’t be taken lightly.”
In the cybersecurity world, this is a business’s worst nightmare. How do you make sure your employees are able to spot the fake in a world of people willing to try anything to “prank” a person? The worst part is that a prank is the best thing that could happen: identity theft, data breaches and complete lockdowns of network systems could come of something like this.