The UK and US agencies, including the NCSC, FBI, and Department of the Treasury, have issued a joint alert regarding the increasing threat of targeted spear-phishing attacks by Iranian government-backed threat actors. These attacks are primarily aimed at individuals involved in Middle Eastern affairs, including government officials, journalists, activists, and lobbyists.
The attackers utilize social engineering tactics to gain the trust of their victims, such as impersonating trusted contacts and engaging in relevant discussions to lure them into sharing their email credentials. Once access is obtained, the threat actors can manipulate the victims’ email accounts, exfiltrate data, and set up forwarding rules.
NCSC operations director Paul Chichester emphasized the ongoing threat posed by these attacks and urged individuals to remain vigilant and utilize cyber defense tools to protect themselves. The NCSC provides guidance on mitigating the risk of such attacks, including being cautious of unsolicited contacts, suspicious links, and unusual requests.
In a related development, the US Department of Justice unsealed an indictment against three IRGC employees accused of hacking into accounts of US officials, journalists, and political campaign staff. The indictment highlights a hack-and-leak operation aimed at influencing the outcome of the US elections.
US Attorney General Merrick Garland condemned Iran’s cyberattacks, emphasizing that the American people will decide the election outcome. FBI Director Christopher Wray warned Iran against hiding behind cyber activities, stating that their behavior will not go unchecked.
