Classic Hacks: 2013 Associated Press Twitter Compromise

This classic hack is noteworthy for both its impact and simplicity. It started with…you guessed it…a phishing email.

In 2013, the Twitter account of the Associated Press news wire service reported “Breaking: Two Explosions in the White House and Barack Obama is injured.” It was completely false news.

In fact, the AP Twitter account had been taken over by the Syrian Electronic Army, which was attacking multiple media organizations during that time in a failed attempt to limit and/or soften coverage of the Syrian civil war.

The hack had an immediate effect on the US stock market. At 1:08 pm ET the Dow started dropping – losing 150 points by 1:10 pm ET. By 1:10 pm ET the AP was widely reporting that they had been hacked and the news about the White House bombing was fake.

Below is the message AP employees saw in their email box. Many clicked on it.

Sent: Tue 4/23/2013 12:12 PM
From: [An AP staffer]
Subject: News

Hello,
Please read the following article, it’s very important :
http://www.washingtonpost.com/blogs/worldviews/wp/2013/04/23/

[A different AP staffer]

Associated Press
San Diego
mobile [removed]

This looks pretty legitimate and, in the crush and frenzy of working in a 24-hour news cycle, could easily be mistaken as real. Unfortunately, clicking on that URL injected a Trojan into the AP systems that managed to find AP’s Twitter account handle and login.

Noticing a theme here? Social engineering makes hacking easier than it has ever been.
