Google says it’s seeing a massive increase in email-based phishing campaigns that originate within Iran and target Iranian users. These attacks, Google says, started about three weeks ago and the company believes that they are politically motivated. Iran’s next election is scheduled for Friday and this “significant jump” in phishing activity in the region started about three weeks ago.
Google says the campaign targets the accounts of “tens of thousands” of Iranian users and the group behind it appears to be the same that also targeted Iranian users in September 2011. Back in 2011, the company told all of its users in Iran to ensure that their accounts weren’t compromised after hackers compromised the Dutch SSL certificate authority DigiNotar.
As Google notes, though, this time the attack is far simpler and just sends users to a fake Google sign-in page in order to steal usernames and passwords. What exactly the attackers planned to do with this information remains unclear.
Retrieved from Tech Crunch