Against a backdrop of a highly divisive decision for the UK to leave the European Union (better known by the ghastly word “Brexit”), British Prime Minister Theresa May has called a snap general election for 8 June.
It’s extraordinary how far Theresa May will go to avoid having to be at that state dinner with Donald Trump…
— Graham Cluley (@gcluley) April 18, 2017
I’m not going to get into my views as to whether the UK should leave Europe or not (you can read my Twitter account if you want to know my feelings about that), but here’s some important piece of advice for anyone working for a political party on its election campaign:
Think before you click
As we saw during the US election campaign, those working on election campaigns can be remarkably lax when it comes to their online security - reusing weak passwords between different sites, being duped by phishing emails, having their social media accounts hijacked and - most damagingly - having their private email conversations and documents stolen and leaked to the media.
It’s probably unfair to focus on one particular individual’s security snafu that may have influenced the US election, but hey… it seems clear that the hack of Hillary Clinton’s campaign chief John Podesta was enormously damaging, and made things easier for the Trump team.
This is the bogus email that Podesta received from a cybercriminal gang hell-bent on cracking into his webmail account.
If you’re campaigning in the UK election, don’t be a Podesta.
Whatever political party you are fighting for, ensure that you’re careful to use strong, unique passwords, that you have enabled two-step verification on your online accounts where possible, that you are always cautious about clicking on links and unsolicited email attachments, and wary of entering your passwords on sites that may be attempting to phish you.
Check out our recent “Smashing Security” podcast for more tips on securing webmail accounts to prevent your private emails making the headline, and perhaps derailing your campaign.