Sign in / up

back to article Hillary spillery finds half-hearted phishery

In spite of US Presidential wannabe Hillary Clinton being one of the world's most recognisable names, hackers were so slack they only managed to get five phishing emails into her now-famous personal email server. The Associated Press calls the too-lazy-to-live attackers “Russian-linked”, but that's just because if the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Her servers must have been hard as nails or maybe someones not telling the truth?

    Maybe the register could do a competition for the most inept phishing mail received? I'll share this classic from what has to be the most useless phishing attempt I have ever received in my life, on par with our Nigerian friends. Can I just warn that no one goes to the referred webpage as I won't be held responsible and please don't confuse it with paypal as I know they look similar to someone who has had a lobotomy.

    -----Original Message-----

    From: Account [mailto:inttlserviceaccount@inboxesme.com]

    Sent: 29 September 2015 21:28

    To:

    Subject: Please log in to you account

    <https://www-payixpal.com/>

    1 0 Reply
    1. Disgusted of Cheltenham
      Reply Icon

      The occasional response from phishing@cityoflondon.police.uk that your e-mail forwarded to them has not been delivered because an attachment contains malware should be on the list of inept responses.

      1 0 Reply
    2. druck Silver badge
      Reply Icon

      Her servers must have been hard as nails or maybe someones not telling the truth?

      If she'd opened the attachment, it isn't the email server that would have been compromised, but the client machine she was using to read the email.

      2 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Of course but they must have been hardened in the anti-spam/phishing sense if only 5 got through.

        0 0 Reply
      2. Anonymous Coward
        Reply Icon
        Anonymous Coward

        re: druck (the person, not the thing)

        How do you know she was accessing via IMAP (or whatever) and not RDP?

        0 0 Reply
        1. druck Silver badge
          Reply Icon

          Re: re: druck (the person, not the thing)

          I'm pretty sure she didn't make it any further down the Start Menu than Outlook.

          P.S. Thanks for the person/thing distinction.

          0 0 Reply
      3. tom dial Silver badge
        Reply Icon

        "[I]t isn't the email server that would have been compromised, but the client machine she was using", likely enough a desktop or laptop attached to the non-classified State Department LAN, which would be a good deal worse.

        I do wonder if that is true, though, if the clintonemail.com server was being accessed through its web server. I have not seen reports that tell exactly how the setup was used.

        1 0 Reply
  2. Anonymous Coward
    Anonymous Coward

    Probably the same way my personal email eventually made it to spammers

    I never used it for anything, preferring an old college email address for that since it was already getting spam. But the PCs of people who had me in their address book got infected with malware, and they got my email from their address book.

    Luckily it is only one spam email every week or two, rather than the half dozen a day my college email address gets (which they filter so it is probably 10x that much absent filtering)

    0 0 Reply
  3. tom dial Silver badge

    Missing the point

    This minor flap over a few spam emails misses a significant point, even granting that the five released probably were a very small fraction of the spam received by Secretary Clinton's privately operated server. (The messages released were only a small fraction of those she delivered to the government, and most of the spam would have been deleted by her staff when they selected those to be turned over, as not related to government business).

    The article quotes one of Ms. Clinton's campaign flacks as stating that they have no evidence that the email system was breached. Quite so. There has been no report, either, that the logs were examined for such evidence, or that such logs existed at all. No evidence has been offered that the system ran any kind of protective software. The State Department unclassified network surely had vulnerabilities, and according to reports was difficult for employees to access and use when off site. The Secretary's legal and organizational duty as the top level executive in the department was to task her CIO to correct those deficiencies, not to sidestep them for personal convenience or any other reason and permit them to continue.

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon