This reads like a John Le Carre novel. But in these days of phishing there’s a lesson in this for any of us..
“….But instead of following the link provided by Delavan, it appears that Podesta or Fisher (pictured at right) clicked on the “CHANGE PASSWORD” box in the original “spear phishing” correspondence (a copy of which which was included in the e-mail chain that Saturday morning).
That link led to what appeared to be a legitimate Google page, but was actually a site designed by the hackers to capture a target’s log-in credentials. The link to the spoofed Gmail page included a lengthy underlying url with the .tk suffix, indicating that the domain created to trick Podesta was registered in Tokelau, a remote group of South Pacific atolls….” How Podesta’s Gmail Account Was Breached