Shin Bet Exposes Iranian Phishing Campaign on Social Media Targeting Israelis

The Shin Bet disclosed on Sunday an elaborate “phishing” operation conducted by Iranian officials aimed at Israeli citizens, particularly civil servants and researchers affiliated with various research institutions, in an attempt to gather sensitive information.

The Iranian agents created fraudulent profiles, impersonating genuine Israeli individuals who might have had prior professional or personal interactions, and utilized a social media platform to initiate conversations, which were then continued via email. During these exchanges, the perpetrators would send invitations to conferences or share files of interest, such as studies or articles. However, once the attachments or links were opened, they infected the Israeli citizens’ computers.

The malevolent files provided the Iranian entity with complete access privileges to the compromised computers, allowing remote control and full exposure of all information.

The Iranians initially obtained relevant details for crafting profiles from social media networks, enabling the hackers to establish connections and tailor their correspondence based on the target’s specific interests.

Fortunately, due to the vigilance and awareness of Israeli citizens, along with the proactive measures taken by the Shin Bet and the country’s security apparatus, the Iranian scheme was thwarted, preventing them from achieving their objectives.

In a joint statement, the Shin Bet, in collaboration with intelligence partners, underscored their ongoing efforts to foil any further attempts by Iran to gather information through deceptive tactics targeting Israeli citizens. The public was also urged to remain alert to the phishing phenomenon.