Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

SNP MP fears ‘disinformation attack’ after emails hacked

Stewart McDonald said he was targeted in a phishing attack on January 13.

Craig Paton
Wednesday 08 February 2023 04:57 EST
Stewart McDonald said the attack took place on January 13 (Peter Byrne/PA)
Stewart McDonald said the attack took place on January 13 (Peter Byrne/PA) (PA Media)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

SNP MP Stewart McDonald has said he fears he may be the victim of a “disinformation attack” as he claimed his personal email account has been hacked by Russia.

The Glasgow South MP told the BBC he was targeted in a phishing attack on January 13, in the form of a password-protected attachment sent in an actual email account for a member of his staff, purporting to be about Ukraine.

After clicking on the link and entering his log-in details, he was redirected to a blank page, the MP said, and when he asked the member of staff about it, he responded: “I didn’t send any email.”

Several days later the same staff member informed Mr McDonald he had been locked out of his personal email account because of suspicious activity – and that he had never sent him the email with the log-in page.

Mr McDonald, formerly his party’s defence spokesman and someone with a keen interest in Russia, said he is concerned about what may be done with personal emails that could have been taken from his account.

“If it is indeed a malicious state-backed group, then, in line with what I’ve seen elsewhere, I expect them to dump some of the information online,” he told the BBC.

“I can expect them to manipulate and fake some of that content and I want to get out ahead of that to ensure any disinformation attack against me is discredited before it’s even published.

“It can catch people, even those who are alive to these threats.”

Speaking to BBC Radio Scotland on Wednesday, Mr McDonald said he wanted to “raise awareness of the threat”.

He added: “This is a phishing campaign that was long-planned, and was targeted against me. I know it was targeted against some others also.

“Unfortunately the hackers managed to breach the private email address of one of my staff team as well, so I would recommend to all of your listeners to read the National Security Cyber Centre’s guidance on spear phishing.

“These are more sophisticated than general phishing emails that I am sure all of us have received from time to time and ensure you don’t fall victim to it.

“It is a deeply unpleasant experience.”

The incident came in the weeks after an advisory was issued by the National Cyber Security Centre (NCSC), a wing of the intelligence agency GCHQ, which warned of “spear-phishing attacks” – which are targeted at specific people using tailored content more likely to deceive – from actors in Russia and Iran.

The advisory did not explicitly say the groups – known as Seaborgium and TA453 – were backed by any government.

A spokesman for the NCSC said: “An incident has been reported to us and we are providing the individual with support.

“The NCSC regularly provides security briefings and guidance to parliamentarians to help them defend against the latest cyber threats. This includes expert advice for MPs and their staff available on the NCSC website.”

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in