A UK Government minister, MPs, staff and journalists in Westminster have all been found to have been targeted by two suspicious mobile numbers with explicit photos and "flirty" messages in a “spear phishing attack".

At least 12 men have been identified by Politico to have received messaged from October 2023 to February 2024. The cohort are understood to include a UK Government minister, four MP staffers, a political journalist and a senior Labour MP.

The numbers used the names "Abi and Charlie/Charlotte" - changing the name dependent on the victims sexuality - to send personalised messages with references to appearance and political events. Pictures of an explicit nature were sent several times, and one victim of the phishing attack replied with a photo themselves.

One victim has since said: "This sounds so obvious now, but don’t send pictures to someone you don’t know and trust".

READ MORE: BBC: Scottish minister says 'fake' hate crime complaint submitted

In each case, the numbers started the conversation in a similar way. They claim to have met the victim at an event such as a campaign day or a party conference, while stating they had "had a little flirt". Politico reports that conversations turned sexual "quickly" in four cases with explicit images sent in three.

Dominik Wojtczak, head of the Cybersecurity Institute at the University of Liverpool, branded the incidents a “spear phishing attack”. This is considered a highly personalised form of “phishing".

“The purpose is most likely to simply obtain indecent images of the victims and then blackmail them," Wojtczak said. He added that it “does not look like a sophisticated attack” due to the reuse of the same number.

In one case, a Labour Party staffer was sent a message: "“Long time no speak! How’re you? Still single?”. The number told the story of how they had met, and the staffer could not remember, but was late convinced through the personalised messages.

The National: WhatsApp

After sexual flirting and an exchange of images on both sides, the staffer asked the "woman" to meet up. She said she was playing netball and if "you’re lucky, I’ll slip you a picture of me in my gym shorts x".

He later grew suspicious, calling the number and asking for her social media details. He was later stood up by the "woman".

 He said: “It was very convincing, there was so much specific information and the way they were texting was just so believable for a woman in their 20s.”

He added: “I’ve been pretty shook up, anxious and worried about what could happen, and just embarrassed that I fell for it.

READ MORE: Michael Gove accused of 'vilifying' Muslims in 'sickening lurch to right'

“This sounds so obvious now, but don’t send pictures to someone you don’t know and trust — particularly if you’re in a politically-exposed position, like working for an MP. If the conversation escalates to sexting quickly, that’s definitely a red flag.”

Ciaran Martin, the former chief executive of the UK’s National Cyber Security Centre, said: “Malicious actors, including nation states, have a history of using digital messaging to try to cultivate relationships with people they think have political influence. Some of this activity is high quality and convincing. Some of it can be spotted a mile away. 

“The key message is that anyone working in Westminster can expect stuff like this … trust your own instincts, don’t respond, and report it if you’re concerned.”

 A spokesperson for Parliament said: “Parliament takes cybersecurity extremely seriously.

"We provide members and staff with tailored advice, making them aware of cyber risks and how to manage their digital safety — including on any personal devices and accounts.

"We would encourage any passholders who have concerns to contact the Parliamentary Security Department."

Neither Politico or those targeted have been bale to identify the origin of the pictures or numbers.