The UK has issued a warning about the threat from cyber attackers working on behalf of the Iranian state.
In an advisory published with US partners, the National Cyber Security Centre (NCSC) – part of GCHQ – shared details of how cyber attackers working for Iran’s Revolutionary Guard Corps (IRGC) are using social engineering techniques to gain access to victims’ personal and business accounts online.
According to the NCSC, the malicious activity is targeted at individuals with a link to Iranian and Middle Eastern affairs, including current and former senior government officials, senior think tank personnel, journalists, activists and lobbyists.
The US has also observed the targeting of people associated with domestic political campaigns.
The advisory said the attackers often impersonate contacts on email and messaging platforms, building a rapport with targets before soliciting them to share user credentials on a false email account login page.
The attackers can then gain access to the victims’ accounts, exfiltrate and delete messages and set up email forwarding rules.
This activity “poses an ongoing threat to various sectors worldwide, including the UK”, the NCSC said.
To reduce the chances of being affected, the organisation advised at-risk individuals to follow the mitigation steps in the advisory.
The NCSC also suggested following its guidance and taking advantage of its free cyber defence tools.
Paul Chichester, NCSC director of operations, said: “The spear-phishing attacks undertaken by actors working on behalf of the Iranian government pose a persistent threat to individuals with a connection to Iranian and Middle Eastern affairs.
“With our allies, we will continue to call out this malicious activity, which puts individuals’ personal and business accounts at risk, so they can take action to reduce their chances of falling victim.
“I strongly encourage those at higher risk to stay vigilant to suspicious contact and to take advantage of the NCSC’s free cyber defence tools to help protect themselves from compromise.”
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules hereLast Updated:
Report this comment Cancel