A U.S. senator known for her outspoken criticism of Russian President Vladimir Putin was hit with a bizarre impersonation attempt by someone hoping to get inside information on American sanctions targeting Russia, according to emails and an audio recording obtained by The Daily Beast.
Sen. Jeanne Shaheen (D-NH) was contacted through her staff last November by an individual who said he worked for the foreign ministry of Latvia, a tiny Baltic nation supportive of efforts to rein in Russian aggression. The man said he was trying to set up a phone call between the senator and Edgars Rinkevičs, the Latvian foreign minister.
The purpose of the meeting, he said in an email, was to discuss “prolongation of anti-Russian sanctions” and “general security with Kaspersky laboratory case.”
It was a plausible enough reason for a meeting. Shaheen authored the law mandating a government-wide purge of software made by Moscow-based cybersecurity firm Kaspersky Lab, and is a key backer of sanctions intended to isolate Russia for its incursions into eastern Europe and its interference in western democracies. Her efforts have earned her a spot on an official Russian government “blacklist.”
A staffer for the senator responded to the email and proposed a date and time for a phone call between Shaheen and Rinkevičs. The supposed Latvian official, who called himself “Arturs Vaiders” and listed his job title as the “second secretary of the state protocol,” agreed.
But before the call could take place, Shaheen’s office contacted the Latvian embassy to confirm Vaiders’ bona fides. The embassy responded that the outreach attempt was fake.
The proposed date and time for the call came and went, and the person posing as Vaiders sent a follow-up email: “We didn’t received [sic] the call at the time.”
He also left a voicemail message for the senator’s office to follow up on the email conversation. The audio was obtained by The Daily Beast.
“Hi, this is Arturs Vaiders. I work for the minister of foreign affairs and I left you a message about trying to do a call with the senator and the minister. Could you respond on our email, please? Thank you,” the individual said in a heavy accent.
After a brief pause, the person added: “We are calling from Latvia.”
Ryan Nickel, a spokesman for Shaheen, told The Daily Beast that staffers in her Senate office frequently receive hoax emails and phishing attempts on their official email accounts. They shared the more troubling ones, including the approach by the fake Latvian, with law enforcement officials.
“Sen. Shaheen’s office is working with all relevant authorities to investigate these incidents and determine their origin,” Nickel told The Daily Beast.
Lawmakers are on high alert for suspicious emails after a number of attempted hack attacks linked to the Russian government. Last week, The Daily Beast reported that Sen. Claire McCaskill (D-MO), one of the most vulnerable Senate Democrats in the upcoming midterm elections, was the target of an unsuccessful hacking attempt by Russia’s military intelligence agency, the GRU.
In that attempted attack, some of McCaskill’s staffers received realistic-looking email notices instructing them to change their password. The link included in the email went to a fake password-change portal set up to capture any password entered.
Shaheen, like McCaskill, has been highly critical of Russia. In December, just a month after her office’s correspondence with the fake Latvian official, the Russian foreign ministry denied Shaheen a visa ahead of a planned trip there with two of her Republican colleagues. Earlier this month, she traveled to Brussels to attend the annual North Atlantic Treaty Organization (NATO) summit. Putin has sought to weaken that alliance.
But unlike McCaskill, Shaheen is not up for re-election this year; her next election is not until 2020. Moreover, Shaheen is in a relatively safe seat, while McCaskill, also a Democrat, is trying to win re-election in November in a state that President Donald Trump won by nearly 20 points in 2016.
Despite the explicit interest in U.S. sanctions against Russia and the Kaspersky ban, there’s no evidence so far that the Russian government was involved in the attempted Latvian fake-out targeting Shaheen. No malware was attached to the emails, and the fake foreign ministry official did not try to send Shaheen’s staff to a malicious website. An internet IP address in the e-mail headers traces back to a hosting company in Amsterdam.