Election candidates warned about phishing attempts

Inside the NCSC

Candidates in the general election have been asked to look through their emails for signs that they have been targeted by a phishing attack.

The list of potential targets includes recent MPs.

The National Cyber Security Centre (NCSC), which is part of GCHQ, disclosed the request in a document released early on 16 May.

The BBC understands that the number of victims is currently understood to be in single figures.

Candidates have been asked to look for suspicious emails received after Jan 2017.

The NCSC declined to say if any data had been taken.

A report in the Financial Times said it was “likely” that the phishing campaign had been orchestrated by a state.

In a document titled Phishing: guidance for political parties and their staff, the centre says it has “become aware of phishing attacks to gain access to the online accounts of individuals that were MPs before dissolution of Parliament” and “other staff who work in political parties”.

The NCSC said the attacks were likely to continue “and may be sent to parliamentary email addresses, prospective parliamentary candidates, and party staff”.

‘Personal emails targeted’

The BBC understands that so far victims’ personal emails have been affected but no successful phishing attempts have been made via parliamentary email addresses.

Continue reading…