Jerusalem, 29 May, 2025 (TPS-IL) — Israel has thwarted 85 Iranian cyberattacks since the start of 2025, targeting prominent Israeli civilians including security officials, politicians, academics, journalists, and media professionals the Israel Security Agency (Shin Bet) said on Thursday. These operations, according to the agency, were intended to collect sensitive personal data that could be used in physical attacks within Israel, potentially carried out by locally recruited operatives.
The majority of the cyberattacks were phishing attempts, designed to lure victims into handing over their credentials or downloading spyware. Attackers contacted targets via platforms like WhatsApp, Telegram, and email, often using messages tailored to the recipient’s background to avoid arousing suspicion. One common method was to send a fake Google Meet link leading to a counterfeit login page. Entering one’s credentials there gave the attackers access to the victim’s Google account and associated data, including emails, saved passwords, location history, and cloud-stored media.
“These cyberattacks can be avoided with vigilance, responsible behavior, and caution online—especially by refraining from clicking on unfamiliar links,” said a Shin Bet official. The official stressed that although the techniques are sophisticated, they are preventable with public awareness and care.
The Shin Bet, in coordination with the National Cyber Directorate, reported a noticeable rise in cyber infiltration attempts since the beginning of the year, all aimed at people in sensitive or high-profile roles. Officials believe Iran’s objective is to map out personal details such as residential addresses, social contacts, and routine travel patterns to facilitate real-world attacks.
In one notable incident, an Iranian operative impersonated Cabinet Secretary Yossi Fuchs in an attempt to deceive an Israeli citizen. The attempt failed when the target grew suspicious and quickly alerted authorities.
In addition to phishing links, some attacks involved malware hidden in documents or disguised as legitimate applications. Once downloaded, the spyware could access files, monitor activity, and extract private information from the device.
A Shin Bet source warned that these attacks are part of a broader campaign by Iran to harm Israelis on a personal level. “We continue to see unrelenting attempts by hostile entities to infiltrate and damage the lives of individuals,” the source said. “The public is urged to remain vigilant and cautious. These are cyberattacks that can be prevented before they occur through awareness, caution, suspicion, and preventive and correct behavior online.”
Israel and Iran have been engaged in years of clandestine cyberwarfare.
