UK MPs and Officials Targeted in WhatsApp Phishing Attack

WhatsApp Phishing

WhatsApp, the popular messaging platform, has become the latest battleground in a cyber attack that is shaking the Westminster networks. Recent findings reveal that not only UK Government officials but also MPs, workers, and journalists have fallen victim to a deceptive “spear phishing attack”.

Twelve Westminster employees, including a serving government minister, reported receiving unsolicited WhatsApp messages. These messages were sent from two suspicious cell phone numbers over the past six months. Following the release of this story, six more Westminster residents contacted POLITICO, claiming to have received nearly identical texts from one or the other of the mentioned numbers. Some of the 12 recipients were targeted with graphic photographs to lure them in.

Another individual, the thirteenth to come forward, shared his story for the first time. He was targeted by a person on WhatsApp going under the names “Abigail” or “Abi“, much like others. This individual fell prey to the scam on the evening of January 23, 2023, after receiving an apparently normal SMS from an unidentified number. The sender used a pleasant tone and an emoji to put the receiver at ease.

Despite his suspicions, the man continued communicating with “Abigail” via messages for several months without revealing any sensitive information. On March 11th, a journalist received an unsolicited message from “Charlie,” who claimed they had exchanged numbers during a night out. Despite blocking that number, the journalist received a subsequent message from “Abi” the following day, this time from a different number.

The analysis has heightened concerns over deliberate attempts to influence Westminster’s employees, encompassing MPs, advisors, and officials. Security experts interpret these efforts as potential attempts to compromise these individuals, leading to heightened worries about the dissemination of sensitive data and its potential exploitation for blackmail or extortion.

There’s a possibility that scammers are employing the same unregistered phone numbers for more of their deceptive schemes. Cybersecurity professionals warn that these low-effort phishing campaigns often utilise the tactic of recycling phone numbers from lesser-known UK networks.

In response to these incidents, British cybersecurity guidelines emphasize the importance of heightened vigilance among MPs and their staff. The National Cyber Security Centre (NCSC) provides specific recommendations to safeguard against advanced cyber threats, emphasizing the need for robust security protocols and ongoing awareness training.

You may also like:

Related Posts

Leave a Reply