BERLIN (Reuters) - Germany’s federal cyber-security agency, BSI, said on Friday the private email inboxes of German executives and government employees were being targeted by professional cyber attacks.
Selected executives are being sent deceptively real-looking “spear-phishing” emails. They claim to have noticed irregularities in the use of the inbox or offer new security functions, the BSI said in a statement.
Germany is heading for elections in September, and security experts have warned that officials might face cyber attacks like those that occurred before elections in France and the United States over the past year.
The attacks identified by BSI ask users to click on a link and put their passwords into the website that then opens. If they do, the attackers can get access to their personal inbox.
Yahoo and Gmail accounts were targeted in the attacks. The BSI said it had prevented an attack on the government networks.
BSI President Arne Schoenbohm said the BSI generally could detect such phishing attempts, but private email inboxes were beyond its remit, which made them an attractive target.
“The attack infrastructure used is similar to that used in the attacks on and resulting leaks from the Democrats in the U.S. and against the French En Marche movement,” the BSI said.
U.S. intelligence agencies have concluded Russia orchestrated a wide-ranging influence operation that included email hacking and online propaganda, in an effort to discredit presidential candidate Hillary Clinton and help Donald Trump win the White House in November.
The German government has warned political parties to step up their defences against hacking after emails from the campaign of Emmanuel Macron were leaked just before he was elected president of France.
Reporting by Michelle Martin, editing by Larry King