It looks official, it even uses your name.

But this email is not real.

It's a personalized, targeted hacking attempt, called “spear phishing,” and it's getting

harder and harder to tell a real email from a dangerous one.

Cyber criminals aren't just targeting random individuals for credit card info.

CEOs and big companies like Sony, Facebook and Google have all been duped.

And of course...

The Russian government hackers penetrated the computer network of the Democratic National

Committee.

Wikileaks just recently published a bunch of these emails.

And all it took was one phishing email.

It was a pretty standard spear phishing attack.

An employee at the Democratic Congressional Campaign Committee, known as the D-triple-C,

got an email that looked like a Google Security alert asking her to log-in and change her

password.

It looked legitimate, and that was the point.

It was actually sent by Russian hackers.

They installed malware that took screenshots of what she was doing.

And they tracked every key she typed.

Once she went logged in to the DCCC's network, the Russians could, too.

From there, they had access to all sorts of documents: opposition research, field operation

plans, bank accounts.

They even installed malware into at least nine other computers.

One of those computers belonged to an employee who also had access to the Democratic National

Committee.

Using the same methods as before, the Russians were able to log in to the DNC network.

Once inside, they stole thousands of emails later released during the convention.

Debbie Wasserman-Schultz has announced she will resign as head of the Democratic National

Committee.

It comes after those leaked DNC emails.

All because of that one phishing email.

The Russians also sent phishing emails to 76 people within the Clinton campaign, including

campaign chairman John Podesta.

This was the actual email he received — a Google security notice telling him to click

the link to change his password.

His chief of staff thought the email seemed fishy so she flagged it to the campaign's

IT staff.

An IT staffer agreed it was suspect, and instructed Podesta to change his password immediately.

But in his haste, he wrote “legitimate” when he meant to say “illegitimate” The

rest is history.

The ongoing dump of hacked emails from the account of Clinton campaign manager John Podesta.

Every day a new batch, and the Clinton campaign knows this could be a problem for them every

day until election day.

So how do you prevent this from happening to you?

Well first, take Clinton's IT guy's advice.

Set-up two-factor authentication on everything you can.

But even that's not a guaranteed safeguard.

If you get an unexpected email, examine the url closely.

And just in case, don't click the link in the email and go to directly to the website

instead.

But you're actually more likely to see that phishing link on your phone.

Not just in an email but in a text or messaging app, too.

56% of people click on mobile phishing links.

Ultimately, if you think something looks fishy, don't take the bait.