On Monday, CNN reported that someone had successfully prank emailed several White House officials, duping them into thinking that they were corresponding with other staff members. The prank, while intriguing in terms of providing insight into the communication styles of White House staffers, also raised concerns about possible cyber security implications.
The prankster used the "spear phishing" technique to con former White House communications director Anthony Scaramucci, Ambassador to Russia-designate Jon Huntsman Jr., Homeland Security adviser Tom Bossert, and Donald Trump Jr. into thinking they were communicating with other White House officials.
CNN broke the news of the prank emails after receiving copies of them from the "prankster" himself. The prankster tweets under the handle @SINON_REBORN and is reportedly based out of the United Kingdom. He seemingly uses Twitter to share his email pranks with his nearly seven thousand followers.
The email exchange with Scaramucci, who thought he was communicating with Trump's former chief of staff Reince Priebus, was perhaps the most colorful. In one email, the "fake Priebus" very bluntly criticized Scaramucci for a tweet he had published regarding the media. Scaramucci responded with an ominously warning: "You know what you did. We all do. Even today. But rest assured we were prepared. A Man would apologize."
Another subsequent exchange also took place between the former communications director and "fake Priebus" in which Scaramucci directed Trump's former chief of staff to read Shakespeare and Othello and again warned that he "knew what he [Priebus] did."
Veep and House of Cards have got to up their game next season to match the insanity of this reality...... https://t.co/HecXo3Yzsc— Charly McCafferty (@Ixchelbunny) August 1, 2017
Posing as Trump's son-in-law Jared Kushner, the prankster also invited Bossert to a party, which he graciously accepted. He also pretended to be Trump's son, Eric, when writing to Huntsman. The real Huntsman thanked the "fake Eric" for his "thoughtful" note and reflected on his upcoming Russia assignment.
Interestingly, the only person who appeared to catch on to the ruse early on was Trump's son Eric, who received an email from the prankster as his brother, Donald Trump Jr. Eric subsequently reported the email to law enforcement officials.
White House officials have acknowledged that the hacking incidents did indeed occur and said they are looking into the matter. White House Press Secretary Sarah Huckabee Sanders told CNN, "We take all cyber related issues very seriously and are looking into these incidents further."
I wished Jon Huntsman Jr all the best. He seems enthusiastic about his new role. pic.twitter.com/ITyjxDsYhL— EMAIL PRANKSTER (@SINON_REBORN) July 21, 2017
The intentions of the prankster's intentions do not appear to be truly malicious and no links were clicked on in the emails that could have subjected the recipients to further hacking, CNN reported. However, the incident has raised questions about cyber security weaknesses in the White House.
Moreover, the fact that Bossert, who in addition to his role as Homeland Security adviser also serves as the U.S. cyber security chief, was still duped by this prankster's email is worrisome — especially considering that in the future cyber attacks could be far less innocuous.
According to Market Watch, malicious spear-phishing incidents can have extensive negative ramifications because they allow hackers to access a user's private computer and networks. For example, last year a spear-phishing attack on John Podesta, Hillary Clinton's former campaign chairman, resulted in the publication of several damaging emails on Wikileaks.
Overall, while the recent White House email prank appeared to thankfully be fairly innocent, the fact that it even occurred at all should be taken very seriously, as it means a far less innocent type of attack could potentially occur in the future. Hopefully the lessons learned from this cyber "prank" are not lost on the administration.