Hillary Clinton's campaign got hacked by falling for the oldest trick in the book

Democratic presidential nominee Hillary Clinton has a hacking problem.

More specifically, her campaign's chairman, John Podesta, had his personal Gmail account compromised earlier this year. The hack was allegedly perpetrated by the Russian government, and loosed over 50,000 emails; Wikileaks has since published thousands of those emails.

Some of those emails have led to discomfort in the Democratic Party in the final month leading up to Election Day on November 8. More often, the emails reveal the inner workings of Clinton's presidential campaign across the past year, insecurities and all.

See related photos

Podesta emails: Hillary Clintons Vice President list
See Gallery
Podesta emails: Hillary Clintons Vice President list
UNITED STATES - SEPTEMBER 21: Democratic Caucus Chairman Xavier Becerra, D-Calif., and Democratic Caucus Vice Chairman Joe Crowley, D-N.Y., hold a media availability immediately after the House Democrats' caucus meeting on Wednesday, Sept. 21, 2016. (Photo By Bill Clark/CQ Roll Call)
Housing and Urban Development (HUD) Secretary Julian Castro gives a keynote address during the National Association of Latino Elected and Appointed Officials (NALEO) 32nd annual conference in Las Vegas, Nevada June 17, 2015. REUTERS/Steve Marcus
Los Angeles Mayor Eric Garcetti speaks during the final night of the Democratic National Convention in Philadelphia, Pennsylvania, U.S. July 28, 2016. REUTERS/Mike Segar
U.S. Assistant Attorney General Tom Perez stands as President Barack Obama (not pictured) introduces him to be his next labor secretary, at the White House in Washington, March 18, 2013. Before joining the Justice Department in 2009, Perez was Maryland's labor secretary. If confirmed by the Senate, he will replace Hilda Solis, who resigned in January. REUTERS/Jonathan Ernst (UNITED STATES - Tags: POLITICS HEADSHOT)
PUEBLO, CO - October 12: Hillary Clinton gets a hug from former Secretary of the Interior Ken Salazar at the beginning of the Colorado Democratic Party Rally at the Palace of Agriculture on the Colorado State Fairgrounds October 12, 2016. (Photo by Andy Cross/The Denver Post via Getty Images)
UNITED STATES - SEPTEMBER 7: Sen. Tammy Baldwin, D-Wisc., leaves the Senate Democrats' weekly policy lunch in the Capitol on Wednesday, Sept. 7, 2016. (Photo By Bill Clark/CQ Roll Call)
Senator Kirsten Gillibrand (D-NY) takes the stage to speak at the Democratic National Convention in Philadelphia, Pennsylvania, U.S. July 25, 2016. REUTERS/Mike Segar
U.S. Senator Amy Klobuchar (D-MN) talks at the public launch of the U.S. Agriculture Coalition for Cuba while at the National Press Club in Washington, January 8, 2015. REUTERS/Larry Downing (UNITED STATES - Tags: POLITICS BUSINESS AGRICULTURE)
PHILADELPHIA, PA - JULY 28: Sen. Jeanne Shaheen (D-NH) delivers remarks on the fourth day of the Democratic National Convention at the Wells Fargo Center, July 28, 2016 in Philadelphia, Pennsylvania. Democratic presidential candidate Hillary Clinton received the number of votes needed to secure the party's nomination. An estimated 50,000 people are expected in Philadelphia, including hundreds of protesters and members of the media. The four-day Democratic National Convention kicked off July 25. (Photo by Alex Wong/Getty Images)
UNITED STATES - SEPTEMBER 7: Sen. Debbie Stabenow, D-Mich., speaks with reporters in the Senate subway as she arrives in the Capitol for the Senate Democrats' policy lunch on Wednesday morning, Sept. 7, 2016. (Photo By Bill Clark/CQ Roll Call)
U.S. Senator Elizabeth Warren (D-MA) speaks on the final night of the Democratic National Convention in Philadelphia, Pennsylvania, U.S. July 28, 2016. REUTERS/Mike Segar
DENVER, COLORADO - OCTOBER 12: U.S. Senator Michael Bennet (D-Incumbent) participates in a televised debate in the Anschutz Hamilton Hall at the History Colorado Center on October 11, 2016 in Denver, Colorado. The debate, against challenger Darryl Glenn (R-challenger) and hosted by 9 News, was moderated by anchor Kyle Clark and political reporter Brandon Rittiman both of 9 News. (Photo by Helen H. Richardson/The Denver Post via Getty Images)
CORRECTION - US Senator Sherrod Brown of Ohio addresses delegates on the fourth and final day of the Democratic National Convention at Wells Fargo Center on July 28, 2016 in Philadelphia, Pennsylvania. / AFP / SAUL LOEB / The erroneous mention[s] appearing in the metadata of this photo by SAUL LOEB has been modified in AFP systems in the following manner: [US Senator Sherrod Brown of Ohio] instead of [US Representative Xavier Becerra of California]. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo credit should read SAUL LOEB/AFP/Getty Images)
Democratic U.S. vice presidential nominee Senator Tim Kaine speaks during his debate against Republican U.S. vice presidential nominee Governor Mike Pence (not shown) at Longwood University in Farmville, Virginia, U.S., October 4, 2016. REUTERS/Chris Keane
PHILADELPHIA, PA - JULY 26: Gov. Terry McAuliffe (D-VA) gives a thumbs up to the crowd on the second day of the Democratic National Convention at the Wells Fargo Center, July 26, 2016 in Philadelphia, Pennsylvania. Democratic presidential candidate Hillary Clinton received the number of votes needed to secure the party's nomination. An estimated 50,000 people are expected in Philadelphia, including hundreds of protesters and members of the media. The four-day Democratic National Convention kicked off July 25. (Photo by Alex Wong/Getty Images)
U.S. Senator Chris Murphy (D-CT) speaks on the third day of the Democratic National Convention in Philadelphia, Pennsylvania, U.S. July 27, 2016. REUTERS/Mike Segar
U.S. Agriculture Secretary Tom Vilsack speaks about the drought during a press briefing at the White House in Washington July 18, 2012. Broiling heat has blanketed much of the U.S. Midwest this week, exacerbating the region's worst drought in more than 50 years and devastating corn, soy and other vital crops. REUTERS/Kevin Lamarque (UNITED STATES - Tags: POLITICS ENVIRONMENT DISASTER AGRICULTURE)
Anthony Foxx, U.S. secretary of transportation, speaks during a Senate Commerce, Science and Transportation Committee hearing in Washington, D.C., U.S., on Wednesday, June 8, 2016. Foxx testified on the implementation of the Fixing Americas Surface Transportation (FAST) Act that was signed into law in December. Photographer: Andrew Harrer/Bloomberg via Getty Images
Retired U.S. General John Allen, special envoy for building the coalition against Islamic State, speaks to the media during a news conference at the U.S. embassy in Baghdad January 14, 2015. REUTERS/Thaier Al-Sudani (IRAQ - Tags: POLITICS CIVIL UNREST)
Admiral Mike Mullen, chairman of the U.S. military's Joint Chiefs of Staff speaks at a news conference in Baghdad August 2, 2011. The top U.S. military officer called on Tuesday for a swift end to violence in Syria but said direct U.S. involvement was unlikely beyond diplomatic pressure on President Bashar al-Assad to implement reforms. REUTERS/Mohammed Ameen (IRAQ - Tags: POLITICS MILITARY)
General Motors Chairman and CEO Mary Barra speaks during a keynote address at the 2016 CES trade show in Las Vegas, Nevada January 6, 2016. REUTERS/Steve Marcus
Former New York City Mayor Michael Bloomberg attends a meeting during the World Climate Change Conference 2015 (COP21) at Le Bourget, near Paris, France, December 4, 2015. REUTERS/Stephane Mahe
Xerox Chairman and CEO Ursula Burns during a CES Innovation Power Panel at the 2012 International Consumer Electronics Show (CES) in Las Vegas, Nevada January 11, 2012. CES, the world's largest consumer technology tradeshow, runs through January 13. REUTERS/Steve Marcus (UNITED STATES - Tags: BUSINESS SCIENCE TECHNOLOGY)
Apple Inc CEO Tim Cook discusses the iPhone 7 during an Apple media event in San Francisco, California, U.S. September 7, 2016. Reuters/Beck Diefenbach
Bill Gates, co-chair of the Bill & Melinda Gates Foundation, speaks during a discussion on innovation hosted by Reuters in Washington, U.S., April 18, 2016. REUTERS/Joshua Roberts
Melinda Gates, co-founder of Bill and Melinda Gates Foundation, speaks during an interview with Reuters, after taking part in the opening plenary of the Global Maternal Newborn Health Conference in Mexico City, Mexico October 19, 2015. The foundations of the two of the world's richest men are stepping up efforts to use innovative data and mobile technology to end easily preventable deaths of mothers and newborns in the poorest pockets of Mexico and Central America.The Bill and Melinda Gates Foundation together with the Carlos Slim Foundation are preparing to launch next year a second phase of Salud Mesoamerica, a program hailed by experts as a success story. Picture taken on October 19, 2015. REUTERS/Henry Romero
Judith Rodin, president of the Rockefeller Foundation, participates in a panel discussion at the Clinton Global Initiative, in New York, September 23, 2009. About 1,200 participants including heads of state, business leaders, humanitarians and celebrities will attend the fifth annual Clinton Global Initiative (CGI) which started on Tuesday. REUTERS/Chip East (UNITED STATES POLITICS BUSINESS)
Starbucks Chairman and CEO Howard Schultz appears on the Fox Business Network's Opening Bell with Maria Bartiromo television program in New York City, November 6, 2014. REUTERS/Mike Segar (UNITED STATES - Tags: BUSINESS FOOD)
U.S. Democratic presidential nominee Hillary Clinton listens as U.S. Senator Bernie Sanders speaks about college affordability during a campaign event at the University of New Hampshire in Durham, New Hampshire, United States September 28, 2016. REUTERS/Brian Snyder

How is it that a man such as Podesta, in such a position of importance, had his email compromised? Turns out he's just as susceptible to social engineering hacks as your Uncle Morty.

Podesta's email was apparently accessed by a simple social engineering tactic, called "phishing":

  • Hackers emailed him posing as Google's Gmail account services department.
  • They then told him his password was compromised, and provided a false link to a place to change his password (this appears to be where Podesta went wrong, eventually clicking this link and entering his information).
  • Before doing anything else, Podesta's chief of staff forwarded that email to the Clinton campaign's internal computer security department.
  • A Clinton campaign help desk staffer, seemingly fooled by the ruse himself, called the email "legitimate."
  • He then asked Podesta's chief of staff to ensure that Podesta had two-factor authentication turned on (which adds extra security to his account), and to change his password.

Despite the campaign staffers sending Podesta the correct email link from Google to reset his password, Podesta seemingly clicked the original link.

Simply put: Rather than clicking a legitimate Google account link, he apparently clicked through to a fake website run by hackers. When he entered his account information, he handed over the keys to his Gmail willingly.

Pizza Delivery ManJustin Sullivan/Getty Images

Phishing is a hacking tactic that's actually older than computer-based hacking, and involves simple social engineering.

Rather than trying to find holes in Podesta's personal internet security (using programs that guess password strings, for instance), hackers simply put on a disguise and tried tricking him directly. This is often done by either posing as a figure of authority or as an expert; in this case, the hackers posed as Gmail security (an expert) and had their disguise backed up by Clinton's help desk staffer.

Even worse for Podesta, the human safeguards around him — his chief of staff, Sara Latham, and help desk staffer Charles Delavan — reconfirmed the disguise as "legitimate." If this is indeed how it all went down, Delavan made a huge mistake.

There are two obvious red flags in the initial "phishing" email sent to Podesta:

John Podesta email red flagsJustin Sullivan/Getty Images

First and foremost, you're never going to get an email from Google with "googlemail" as part of the URL.

It seems legit, because if you go to www.GoogleMail.com, it redirects to Gmail. But Google doesn't call it "Gmail" for nothing. A quick search of your own Gmail account for the string "googlemail" likely won't turn up any legitimate results from Google. That's because it's a fake address that's close enough to be believable.

But that alone isn't enough to deem this fake.

The big giveaway here is the password change URL: a Bitly link. Google is never going to send you a Bitly link as an official link.

Bitly links are simplified versions of other links, like so:

  • Here's a Bitly link to my favorite RoboCop GIF: http://bit.ly/2f0JHCC.
  • The full URL for that incredible GIF is: http://giphy.com/gifs/thank-you-robocop-for-your-cooperation-U8bDgsXcnIEFy

Get it? That means the Bitly link in the initial email sent to Podesta was actually hiding a URL — a fake site meant to look like Gmail account retrieval that actually served as a front for the hackers. Podesta enters his login and password, then he puts in a new one. Voila: The hackers now have both his old and new password, as entered by John Podesta.

(We obscured the Bitly link above in the email intentionally as it still leads to a potentially malicious website.)

But, to be clear, clicking through that Bitly link should've been another huge red flag for Podesta; the URL shows up with a ".tk" ending, the top-level domain name for Tokelau (a territory of New Zealand). And wouldn't you know it, Google — being one of the biggest internet companies in the world — has no problem locking down .com URLs.

NOW WATCH: Hillary Clinton's campaign chair is obsessed with UFOs and aliens

See Also:

SEE ALSO: New evidence shows Hillary Clinton campaign chair's email was hacked in a phishing scheme

Read Full Story

Sign up for Breaking News by AOL to get the latest breaking news alerts and updates delivered straight to your inbox.

Subscribe to our other newsletters

Emails may offer personalized content or ads. Learn more. You may unsubscribe any time.