A UK Government minister, MPs, staff and journalists in Westminster have all been found to have been targeted by two suspicious mobile numbers with explicit photos and "flirty" messages in a “spear phishing attack".
At least 12 men have been identified by Politico to have received messaged from October 2023 to February 2024. The cohort are understood to include a UK Government minister, four MP staffers, a political journalist and a senior Labour MP.
The numbers used the names "Abi and Charlie/Charlotte" - changing the name dependent on the victims sexuality - to send personalised messages with references to appearance and political events. Pictures of an explicit nature were sent several times, and one victim of the phishing attack replied with a photo themselves.
One victim has since said: "This sounds so obvious now, but don’t send pictures to someone you don’t know and trust".
READ MORE: BBC: Scottish minister says 'fake' hate crime complaint submitted
In each case, the numbers started the conversation in a similar way. They claim to have met the victim at an event such as a campaign day or a party conference, while stating they had "had a little flirt". Politico reports that conversations turned sexual "quickly" in four cases with explicit images sent in three.
Dominik Wojtczak, head of the Cybersecurity Institute at the University of Liverpool, branded the incidents a “spear phishing attack”. This is considered a highly personalised form of “phishing".
“The purpose is most likely to simply obtain indecent images of the victims and then blackmail them," Wojtczak said. He added that it “does not look like a sophisticated attack” due to the reuse of the same number.
In one case, a Labour Party staffer was sent a message: "“Long time no speak! How’re you? Still single?”. The number told the story of how they had met, and the staffer could not remember, but was late convinced through the personalised messages.
After sexual flirting and an exchange of images on both sides, the staffer asked the "woman" to meet up. She said she was playing netball and if "you’re lucky, I’ll slip you a picture of me in my gym shorts x".
He later grew suspicious, calling the number and asking for her social media details. He was later stood up by the "woman".
He said: “It was very convincing, there was so much specific information and the way they were texting was just so believable for a woman in their 20s.”
He added: “I’ve been pretty shook up, anxious and worried about what could happen, and just embarrassed that I fell for it.
READ MORE: Michael Gove accused of 'vilifying' Muslims in 'sickening lurch to right'
“This sounds so obvious now, but don’t send pictures to someone you don’t know and trust — particularly if you’re in a politically-exposed position, like working for an MP. If the conversation escalates to sexting quickly, that’s definitely a red flag.”
Ciaran Martin, the former chief executive of the UK’s National Cyber Security Centre, said: “Malicious actors, including nation states, have a history of using digital messaging to try to cultivate relationships with people they think have political influence. Some of this activity is high quality and convincing. Some of it can be spotted a mile away.
“The key message is that anyone working in Westminster can expect stuff like this … trust your own instincts, don’t respond, and report it if you’re concerned.”
A spokesperson for Parliament said: “Parliament takes cybersecurity extremely seriously.
"We provide members and staff with tailored advice, making them aware of cyber risks and how to manage their digital safety — including on any personal devices and accounts.
"We would encourage any passholders who have concerns to contact the Parliamentary Security Department."
Neither Politico or those targeted have been bale to identify the origin of the pictures or numbers.
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel