---
title: "White House, The Most Secure Place In The World Targeted By Cyber Criminals Through Spear Phishing Attacks | Phish Protection"
description: "It was not long ago the white house was in the news when US intelligence agencies concluded Russia tried to sway the US presidential election in favor of."
image: "https://phishprotection.com/og/blog/white-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks.png"
canonical: "https://phishprotection.com/blog/white-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks/"
---

Quick Answer

It was not long ago the white house was in the news when US intelligence agencies concluded \_Russia tried to sway the US presidential election in favor of Donald Trump alleging that the Russian hackers stole the information of rival Hillary Clinton's campaign\_. The White House is said to be one of the most secured and safe-guarded buildings in the world. But when it comes to cybersecurity, no one is spared. Yes, even top-ranked White House officials including the \_Homeland

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhite-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=White%20House%2C%20The%20Most%20Secure%20Place%20In%20The%20World%20Targeted%20By%20Cyber%20Criminals%20Through%20Spear%20Phishing%20Attacks&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhite-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhite-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhite-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks%2F&title=White%20House%2C%20The%20Most%20Secure%20Place%20In%20The%20World%20Targeted%20By%20Cyber%20Criminals%20Through%20Spear%20Phishing%20Attacks "Share on Reddit") [ ](mailto:?subject=White%20House%2C%20The%20Most%20Secure%20Place%20In%20The%20World%20Targeted%20By%20Cyber%20Criminals%20Through%20Spear%20Phishing%20Attacks&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fwhite-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/08/phishing-definition-5677.jpg) 

It was not long ago the white house was in the news when US intelligence agencies concluded _Russia tried to sway the US presidential election in favor of Donald Trump alleging that the Russian hackers stole the information of rival Hillary Clinton’s campaign_. The White House is said to be one of the most secured and safe-guarded buildings in the world. But when it comes to cybersecurity, no one is spared. Yes, even top-ranked White House officials including the _Homeland security Advisor and other White House officials were spoofed by cyber-criminals_.

It was all the work of an email prankster from the UK who played his tricks on several White House officials by impersonating emails from other officials in the White House. The first man to fall prey to this attack is none other than Tom Bossert, Homeland [Security Officer in White House](https://www.graphus.ai/successful-white-house-spear-phishing-attacks-show-no-one-safe/). In what seemed like a regular email from one of the president’s senior advisor, Jared Kushner, the email invited Tom Bossert for a party and asked whether he would be willing to take part of it. Tom Bossert accepted the invite without understanding the **threats behind the attack**.

_The modus operandi behind these attacks is how the attackers do extensive research on the subjects_, zero-in on a likely target and then craft an email subject cleverly to woo the target. And the person who receives the email doesn’t have a clue that it is a **phishing email** and fall into the traps of the adversaries. If a place like [White House is not safe from spear phishing](https://www.valimail.com/anatomy-of-a-spear-phishing-attack-on-the-white-house/) campaigns, then what hope does a common man have and what is the state of our information and **email security**.

![Phishing definition](https://media.mailhop.org/phishprotection/images/2019/08/phishing-definition-5677.jpg) 

### Everyone is Vulnerable

Most of the attacks from cybercriminals start with just a spear phishing email because of the fact that anyone can be easily manipulated with an impersonated email. That is the reason that **spear phishing attacks** pose a more significant threat for businesses around the world.

It was a Spear Phishing attack, _which is the most effective and standard mode of phishing for attackers_. This is carried out by sending spoofed e-mails which are seemingly over-trustful but uses fake e-mail addresses. The spear phishing attack technique is specifically designed and targeted at a particular user group or an organization (as it was done in case of White House). The attacker usually undertakes thorough research before they send out an e-mail to the targeted individual of the organization.

A survey conducted by GreatHorn that included a total of around 115,000 mailboxes with approximately 375 million email messages to get an understanding of how many emails are affected or anomalous. And the results of the survey were astounding as it seemed almost 0.015% of emails are suspicious or contains elements which could be some **phishing threat**.

According to the FBI, the losses due to spear phishing attacks from adversaries is over a billion dollars every year, and _the number of attacks seems to be increasing every year though_.

### What should we do to stop getting compromised?

> “Microsoft’s built-in phishing protection in Office 365 catches the obvious attacks, but it consistently misses targeted spear phishing and zero-day threats. We see this every day - customers come to us after an incident that Microsoft Defender didn’t catch. Adding a dedicated anti-phishing layer takes five minutes and closes that gap.” - **Adam Lundrigan**, CTO, DuoCircle

When you take at the nature of the issue from a broader perspective, it can be said the significant factors that drive these threats are:

### Adopting Cloud Email Servers without ensuring a Secure Email Gateway

Most of the people’s daily work revolves around emails and mostly from 2012 people have shifted to cloud email servers like Microsoft Office 365 and Google G suite. But the issue with many companies is that they fail to check whether their **Secure Email Gateways** are updated to handle the threats posed by the cloud infrastructure.

When it comes to Secure Email Gateways (SEG), they do not offer complete protection, and that is the reason hackers can easily bypass the security cover. The emails are cleverly impersonated that the email gateways are not updated to detect those kinds of deception-based attacks. A classic example was the [White House attack](https://www.insuretrust.com/white-house-targeted-spear-phishing-cyber-attack-2/), where no one can blame the official for opening a well-crafted email that seemed like it came from a trusted White House staff.

Hence it is up to the cloud email providers to beef up their security systems and provide users with an enhanced security cover from spear phishing attacks.

### Security Awareness Programs Don’t Help Much To The Cause

While organizations do invest in conducting [phishing awareness programs](/blog/phishing-awareness-training-is-getting-some-large-investments/) to their employees, it doesn’t seem to be very useful. _The number of email-based cyberattacks that increase every year does prove this point_. According to a study by Forrester conducted on organizations that were attacked by cybercriminals, the security programs were not much helpful it seems.

### Lack Of Experienced Security Professionals

Another issue is the lack of well-trained and experienced security experts, and as of today, close to 1 million jobs related to security is unfilled, and it is expected that the number will only go up. And as a result, organizations are mostly understaffed in their security departments, which also is a primary reason they cannot increase their security posture to a great extent. This makes it easy for attackers to easily bypass the security systems and get access to all the critical information. So when neither security training programs nor the understaffed security teams can safeguard us from the attackers, where is the hope?

![What is phishing](https://media.mailhop.org/phishprotection/images/2019/08/what-is-phishing-5531.jpg) 

### Automation Is The Answer

To [prevent phishing](/) attacks from cybercriminals and safeguard critical information, it is essential to devise a method where these threats are detected and stopped automatically. Yes, an automated workflow will help in reducing the time taken drastically to detect any attack and respond quickly.

The government has understood the seriousness with [spear phishing](/blog/spear-phishing-the-greatest-threat-to-democracy/) attacks and is looking for implementing key control measures that help in analyzing the risk and the magnitude of damage that can be caused during a cyber-attack and what are the countermeasures to be put into place to reduce the damage.

Organizations need to strengthen their cybersecurity with dedicated and skilled technical resources along with some advanced automated workflows that can help them to detect and stop these impersonated emails automatically. Or else it would be impossible for humans to check whether the email they received is a genuine one or not. But until such advanced and automatic workflows are in place, we are always in constant threat and stand exposed before the adversaries unless we keep ourselves updated with recent attacks taking place and security awareness.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"White House, The Most Secure Place In The World Targeted By Cyber Criminals Through Spear Phishing Attacks","description":"It was not long ago the white house was in the news when US intelligence agencies concluded Russia tried to sway the US presidential election in favor of.","url":"https://phishprotection.com/blog/white-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks/","datePublished":"2019-08-19T13:25:37.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-08-19T13:25:37.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/white-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks/"},"articleSection":"foundational","keywords":"Phishing","wordCount":1075,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/08/phishing-definition-5677.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"White House, The Most Secure Place In The World Targeted By Cyber Criminals Through Spear Phishing Attacks","item":"https://phishprotection.com/blog/white-house-the-most-secure-place-in-the-world-targeted-by-cyber-criminals-through-spear-phishing-attacks/"}]}
```