Senior officials at the White House were tricked by a self-described UK-based “email prankster” and made at least one cyber security official believe that he was Jared Kushner, President Donald Trumps son-in-law.
The prankster managed to present himself as White House senior adviser Kushner, former chief of staff Reince Priebus and recently-nominated ambassador to Russia Jon Huntsman Jr.
In one set, the prankster posed as Kushner in a message sent to Homeland Security Adviser Tom Bossert.
“Tom, we are arranging a bit of a soiree towards the end of August,” the fake Kushner on an Outlook account wrote to the official White House email account of Bossert, the CNN reported.
Bossert wrote back: “Thanks, Jared. With a promise like that, I cant refuse. Also, if you ever need it, my personal email is” (redacted).
The email prankster said he was surprised Bossert responded given his expertise.
White House officials acknowledged the incidents and said they were taking the matter seriously.
“We take all cyber related issues very seriously and are looking into these incidents further,” White House press secretary Sarah Huckabee Sanders said.
Cyber experts said the incidents are illustrative of how vulnerable Americans — even those in the highest reaches of power — remain to the potential threat of spear-phishing, the process through which officials are duped by hackers, and expose government computers and systems to various cyber threats.
No one in any of these situations clicked any links making them vulnerable, and the prankster appears motivated by mischief not anything more malignant, so the severity of these White House pranks should not be overstated.
“This shows how susceptible government officials are to spear-phishing in general,” Adam Malone, a former cyber specialist and special agent for the FBI, said.
“Spear-phishing is the most common technique used by hackers to gain access to their victims. This information shines a light on how easy it is for people to build trust with unverified individuals,” Malone said.
Former Hillary Clinton campaign chair John Podesta infamously fell victim to such a trap, though the person who preyed on him had more nefarious intentions than mockery.
“I try and keep it on the humorous side of things,” the email prankster said.
“Im not trying to get the keys to the vault or anything like that,” the prankster said.