As part of a joint operation by the Shin Bet (Israel Security Agency) and the National Cyber Directorate, a significant increase in attempts by Iranian intelligence elements to breach private Google accounts and messaging applications on private phones of senior government officials, past and present security personnel, defense industries, journalists, academics, and various citizens has been identified in recent months, and even more so since the “Shield and Arrow” operation.
The purpose of these attempts is to collect personal and professional information that can be used to advance terrorism, espionage, and influence activities through “spear phishing.” The modus operandi includes, among other things, personalized outreach tailored to the recipient’s interests, impersonating a known figure, and invitations to meetings or to download files from a link, as well as phishing messages designed to elicit login credentials, particularly passwords, of the victim, and even the two-factor authentication code for their Google, Telegram, or WhatsApp account, thereby granting the attacker full access to these accounts.
In recent months, the Shin Bet and the National Cyber Directorate have worked to thwart and block hundreds of such attempts. This activity included providing targeted alerts about the threat, briefings for checks to detect anomalies, blocking and removing unauthorized access to accounts, and briefings on account hardening and personal security. Concurrently, awareness campaigns were conducted to raise awareness of the threat and provide various tools.
The Shin Bet and the National Cyber Directorate recommend strengthening security settings on Google, messaging applications, and social networks through two-factor authentication, recovery email, and checking linked accounts. Additionally, Google and WhatsApp have recently launched advanced protection programs that implement strict security measures tailored for senior figures and individuals holding sensitive information. It is recommended to remain vigilant to communications from unknown sources, avoid providing personal details, and refrain from clicking on links received from unknown sources.
The Shin Bet will continue to operate to detect and preemptively thwart the activities of hostile elements, and together with the National Cyber Directorate, will work to strengthen defenses against these attacks.
Related Topics
