Iran Gmail phishing attacks up ahead of election, says Google


Iran Gmail phishing attacks up ahead of election, says Google

Warwick Ashford

Phishing attacks are targeting tens of thousands of Gmail users in Iran in the run-up to elections in the country, according Google researchers.

“These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region,” Eric Grosse, vice-president of security engineering said in a blog post.

Although the attacks originate inside Iran, the timing and targeting of the campaigns suggest they are politically motivated in connection with presidential elections on Friday, he wrote.

Google researchers believe the attacks are coming from the same group that used forged secure socket layer certificates for the Google domain name to conduct attacks that targeted users in Iran in 2011.

The fraudulent certificates were issued after a hacker gained access to the certificate infrastructure of Dutch root certificate authority DigiNotar.

Poisoned link

In the latest attacks, targets are sent an email containing a link to a web page that purports to provide a way to perform account maintenance.

If the recipient clicks the link, they see a fake Google sign-in page that will steal their username and password.

Grosse said Google routinely notifies targets of state-sponsored attacks and other suspicious activity, and takes other “appropriate actions” to limit the impact of these attacks.

“Especially if you are in Iran, we encourage you to take extra steps to protect your account,” he said, suggesting steps such as updating browsers and enabling two-factor authentication.

“Always verify that the URL in the address bar of your browser begins with If the website's address does not match this text, please don’t enter your Google password,” he said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy