Shin Bet Uncovers Iran-Linked Phishing Campaign
The initial contact by the Iranian entity was through the Israeli citizen's LinkedIn profile, and then the conversation continued via email
IsraelDefense
| 31/07/2023
Photo: Imago Images via Reuters
The Israel Security Authority (Shin Bet) revealed, that for several months, a phishing cyber campaign was conducted by Iranian entities targeting Israeli citizens, primarily government employees and researchers from various research institutions.
The phishing attempts were made by using fake profiles that pretended to be familiar Israeli citizens, with the main goal of gathering information about Israeli policies, government employees, and citizens.
The impersonation was of figures known to those citizens who approached them or had professional or personal connections with them.
The initial contact by the Iranian entity was through the Israeli citizen's LinkedIn profile, and then the conversation continued via email.
During the conversation, the Israeli citizen was invited to attend a conference. The invitation was attached as a file to the email, or alternatively, a file of an article or research that might interest the citizen was sent.
When the citizen opened the file, a malicious file was installed on their computer, granting remote access to the Iranian entity.
In essence, the file allowed the "attacker" to take control remotely over the "target's" computer, exposing all the information stored on the Israeli citizen's computer.
The Iranian entity's approach was based on information collected about Israeli citizens from social networks and the internet, including the content of their correspondence and connections relevant to their profession and areas of interest.
The awareness and alertness of the citizens, in addition to the actions taken by the Israeli security services and intelligence community, prevented the Iranian attempts from achieving their objectives.
The Israel Security Authority and its partners in the intelligence community work to disrupt and thwart Iranian attempts to gather information concerning Israeli citizens, and call on the public to remain vigilant regarding "phishing" phenomena on the internet.
The initial contact by the Iranian entity was through the Israeli citizen's LinkedIn profile, and then the conversation continued via email
Photo: Imago Images via Reuters
The Israel Security Authority (Shin Bet) revealed, that for several months, a phishing cyber campaign was conducted by Iranian entities targeting Israeli citizens, primarily government employees and researchers from various research institutions.
The phishing attempts were made by using fake profiles that pretended to be familiar Israeli citizens, with the main goal of gathering information about Israeli policies, government employees, and citizens.
The impersonation was of figures known to those citizens who approached them or had professional or personal connections with them.
The initial contact by the Iranian entity was through the Israeli citizen's LinkedIn profile, and then the conversation continued via email.
During the conversation, the Israeli citizen was invited to attend a conference. The invitation was attached as a file to the email, or alternatively, a file of an article or research that might interest the citizen was sent.
When the citizen opened the file, a malicious file was installed on their computer, granting remote access to the Iranian entity.
In essence, the file allowed the "attacker" to take control remotely over the "target's" computer, exposing all the information stored on the Israeli citizen's computer.
The Iranian entity's approach was based on information collected about Israeli citizens from social networks and the internet, including the content of their correspondence and connections relevant to their profession and areas of interest.
The awareness and alertness of the citizens, in addition to the actions taken by the Israeli security services and intelligence community, prevented the Iranian attempts from achieving their objectives.
The Israel Security Authority and its partners in the intelligence community work to disrupt and thwart Iranian attempts to gather information concerning Israeli citizens, and call on the public to remain vigilant regarding "phishing" phenomena on the internet.
