Macron campaign team used honeypot accounts to fake out Fancy Bear

Enlarge / Newly elected French president Emmanuel Macron (C) poses with a woman for a selfie as he leaves the hairdresser on May 9, 2017, in Paris. Macron’s campaign mounted a digital defense against an apparent Russian phishing campaign by creating large numbers of fake e-mail accounts filled with garbage documents. (credit: PATRICK KOVARIK / Getty Images)

The failed effort by Russian attackers to influence the outcome of the French presidential campaign in its final hours was in part a forced error, thanks to an active defense by the digital team of French president-elect Emmanuel Macron’s campaign organization. Campaign team members told the New York Times that as the phishing attacks mounted, they created a collection of fake e-mail accounts seeded with false information.

“We created false accounts, with false content, as traps,” Macron campaign digital director Mounir Mahjoubi told the Times. “We did this massively, to create the obligation for them to verify, to determine whether it was a real account.”

The move was a delaying tactic aimed at increasing the attacker’s workload. The “honeypot” accounts were filled with large volumes of fake documents. “That forced them to waste time, by the quantity of the documents we put in and documents that might interest them,” Mahjoubi said. “Even if it made them lose one minute, we’re happy.”

Read 2 remaining paragraphs | Comments