The Shin Bet (ISA) revealed on Monday that Iran has been behind a phishing campaign targeting Israeli citizens, including high-ranking security and political officials. The aim of the Iranian operation was to infiltrate the personal devices of Israeli figures, such as emails, computers, and smartphones, in order to gather sensitive information, including residential addresses, contact details, and frequent locations.
The ISA believes the collected data was intended to facilitate Iranian attempts to launch attacks against these individuals, potentially utilizing Israeli recruits to carry out operations within Israel. Investigations showed that approximately 200 separate cyberattacks were directed at Israeli targets, as reported by Israel National News.
Iranian operatives typically used platforms such as WhatsApp, Telegram, and email to send targeted requests, tailoring their approach for each victim to avoid raising suspicion. After identifying and analyzing the phishing attempts, the ISA initiated a large-scale operation to alert and brief the affected individuals, advising them on improving their security measures.
The ISA explained that the phishing attacks involved sending messages designed to trick victims into downloading malicious apps or visiting fraudulent websites posing as legitimate services. These sites would prompt users to enter their email credentials, allowing attackers to steal login information and gain access to personal or corporate accounts.
An ISA source stated, “This is a significant threat in Iran’s ongoing campaign against Israel, aimed at executing assassination attacks. We urge vigilance, as these types of cyberattacks can be prevented with awareness, caution, and proper online behavior.”
