What’s spear-phishing, Russia’s alleged voter hacking technique?

Federal Contractor Arrested For Leaking ‘Top Secret’ Russia Document

A top-secret report allegedly leaked to a news outlet by a federal contractor in Augusta shows Russia used a hacking technique called "spear-phishing" to interfere in the 2016 U.S. presidential election, according to that news outlet, The Intercept.

Much is unknown about the first arrest of an alleged leaker under President Donald Trump, who has chided the practice for months.

What is known is how Russia's alleged cyber weapon of choice usually works. This is one of several issues the AJC is examining following Winner's arrest.

Spear-phishing is a type of cyberattack, similar to phishing, but targeted toward a specific individual or entity, according to The Associated Press. Compare it to phishing, which is a broader form of online fraud that aims to steal things like credit card numbers, social security numbers, user IDs and passwords.

Spear-phishing often uses email to get personal credentials such as login information or other sensitive materials.

The NSA report that Reality Leigh Winner is accused of leaking to The Intercept alleged that Russian military intelligence officials sent spear-phishing emails to more than 100 local voting officials in the days leading up to the election.

The AJC has several staffers — including in Augusta and Winner’s hometown of Kingsville, Texas — reporting on this story throughout the day offering exclusives including interviews with family and others who know Winner, Georgia’s expanding cybersecurity community and the impact of the leak on election security. Visit myAJC.com for the latest updates, such as what we know about the alleged leak, The Intercept and spear-phishing.