It appears that Russia's GRU intelligence agency was behind the attempted infiltration, which was carried out last August. The scheme was similar to one allegedly perpetrated by the GRU's Fancy Bear hacker group against Hillary Clinton's campaign manager John Podesta in 2016. GRU allegedly sent emails to targets, claiming that they had to change their Microsoft Exchange password. Each email had a different link that let the phony password change landing page display each recipient's own email address, adding an air of legitimacy.
Microsoft VP for customer security and trust Tom Burt last week revealed his company had detected phishing attempts against three midterm election candidates. "We did discover that a fake Microsoft domain had been established as the landing page for phishing attacks, and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for elections in the midterm elections," he said at the Aspen Security Forum. Microsoft took down the site and Burt said the attack was unsuccessful.
McCaskill is a long-term critic of Russia and is seen to be among the most vulnerable Democratic senators in a hotly contested midterm campaign. Republicans are trying to hold onto their slim Senate majority of 51; Donald Trump won Missouri by almost 20 points in the 2016 presidential election.
The revelation of the attempt against McCaskill follows Special Counsel Robert Mueller's indictment of 12 Russian spies, charging them with carrying out cyberattacks against the Democratic National Committee, the Democratic Congressional Campaign Committee and Clinton's 2016 presidential campaign.