Boy, did he pay a price! But it's a learning opportunity for us.
Apparently John Podesta had his email hacked, and as a result some emails that proved very embarrassing to Hillary Clinton and her campaign became public knowledge. The best I can determine is that he opened a phishing email, then opened an attachment containing malware. Big mistake.
Peter Mackenzie at Sophos.com provided a helpful lesson on how to avoid that outcome at Why you should be cautious of emails from friends or colleagues. He used a real life example with a bogus email that purportedly came from his solicitor.
It worked this way. A hacker hijacked his lawyer's email address and sent phishing emails to Mr. Mackenzie and maybe other clients. The email contained what looked like a legitimate attachment, e.g., a contract for the client's approval. He rolled his cursor over the attachment link and found something suggesting it wasn't what it seemed. The pdf had an additional suffix: pdf.htm. Clicking on that led him to a link for a fake Gmail login page, but it didn't really go to a website, it was code included in the HTM file. If he had entered his login information it would have been forwarded to the hacker which would have given the hacker access to his email account.
The important take-away from this is to be especially wary of any pdf with an additional suffix, e.g., pdf.htm.
Read the whole thing and you'll be more knowledgeable than Hillary Clinton's most trusted adviser.