Hackers have broken into the web email account of UK Justice Secretary Jack Straw, according to a report in The Daily Telegraph, and sent out hundreds of emails attempting to defraud the politican's friends and constituents.
The emails were sent from the Blackburn Member of Parliament's Hotmail account, claiming that Straw had lost his wallet whilst in Nigeria promoting a charity called Empowering Youth to Fight Racism. The emails asked for $3,000 to help the politician return home.
Straw's international profile was higher in the past, when he served as Britain's Home Secretary and later Foreign Secretary, and it could be speculated that this may have made him a more attractive target for the hackers.
Nevetheless, we're seeing more and more reports of hackers breaking into web accounts (including Facebook profiles) to send out claims that the real account owner is stranded overseas and needs money for a safe return.
Of course, it's unlikely that anyone would really believe that Jack Straw was stranded in Nigeria with no method of returning to the UK. But, perhaps more worryingly, whoever broke into Straw's account has had access to his address book and emails that he has sent and received in the past. That information could be very useful for identity thieves.
You have to wonder if the hackers broke into the Right Hon Jack Straw's mailbox in a similar fashion to the attack used on Sarah Palin's Yahoo account last September, where hackers are able to reset passwords by guessing the answers to "secret questions". If so, this would also put Jack Straw in the same camp as Paris Hilton..
Another possibility is that Jack Straw used a simple-to-guess dictionary word for his password. Something we have advised again and again is a bad idea.
However the hackers broke in, there's bound to be embarrassment for the politician who founded the National High-Tech Crime Unit..
Curious as to how this kind of scam presents itself? Check out this recent example from Facebook.
PS. I wonder if Jack was following the sensible password tips I give in this video to increase his online security?
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)Follow @NakedSecurity