Our roiling political system is now facing a new threat. In an email blast to his list, the Tennessee Democrat Phil Bredesen says his senatorial campaign was hacked.
"On Wednesday afternoon (March 7) you may have received an email, coming from a spoofed email address, that appeared to come from me, asking you to click a link to view a shared document," says Bredesen, who is vying to fill the seat being vacated by Republican Bob Corker.
“Unfortunately, this email is part of an cyber intrusion into my extended campaign organization, including an unsuccessful attempt to divert campaign funds to offshore accounts. The FBI has been contacted and is involved.”
“I'm sorry for this inconvenience; this sort of thing is rapidly becoming one of the unpleasant facts of life.
That’s for sure. It’s not clear whether this is the work of foreign players trying to influence our elections, or scam artists seeking to make a buck, but it appears to be to be the latter.
According to CNN, the campaign has “identified international email hacks originating from the U.K., Nigeria and Ghana,” and asked for the campaign to wire funds to an account in Dubai.
No funds were diverted -- but they could have been. A letter from Bredesen’s office to the FBI says that “due to the fact that the impostors knew the media buy was imminent, we are concerned that there has been an unauthorized intrusion into the extended campaign organization."
The fraudulent emails reportedly were traced to an Arizona-based registrar.
Meanwhile, Bredesen’s Thursday email urges supporters:
"PLEASE DELETE THE EMAIL WITHOUT CLICKING THE LINK"
It continues: “If you have already clicked the link, out of caution you may want to run a virus scan on your computer and change appropriate passwords. The spoofed emails that I have personally seen have come from the domain "bredesens.com" (note the extra "s" at the end of my name) and not my own "bredesen.com"—it's easy to mistake one for the other, the obvious purpose.”
The email adds that “vendors to the campaign have been similarly spoofed with fake domain names looking similar to the real ones.”
In the end, no harm was done (financial, anyway), although this could be a rich area for fraud. But it raises a larger question. If foreign governments can disrupt democracy through social media, couldn’t do they do the same via a more hidden medium — email?
As this attack and other episodes prove, all it takes is the ability to hack into a campaign and access to donor email lists. It’s that easy.