The UK and US have issued a joint advisory warning of ongoing spear-phishing attacks being carried out by cyber actors working on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC).

These cyber attackers are using sophisticated social engineering techniques to gain access to victims’ personal and business accounts, targeting individuals linked to Iranian and Middle Eastern affairs.

The National Cyber Security Centre (NCSC) and its US counterparts are urging those at risk to follow mitigation steps and sign up for free cyber defence services to protect themselves from this persistent threat.

The advisory, published by the NCSC alongside the FBI, US Cyber National Mission Force (CNMF), and US Department of the Treasury, details how these attackers impersonate trusted contacts to build rapport with victims. The attackers often solicit credentials through fraudulent login pages, allowing them to access sensitive information, exfiltrate messages, and set up forwarding rules. The targets include senior government officials, think tank personnel, journalists, activists, and individuals associated with US political campaigns.

Paul Chichester, NCSC Director of Operations, emphasised the seriousness of the threat: “The spear-phishing attacks undertaken by actors working on behalf of the Iranian government pose a persistent threat to individuals with a connection to Iranian and Middle Eastern affairs. With our allies, we will continue to call out this malicious activity so individuals can take action to reduce their chances of falling victim.”

Individuals at higher risk, particularly those involved in sensitive sectors, are encouraged to remain vigilant and utilise the NCSC’s cyber defence services.

These include the Account Registration service, which alerts individuals to incidents involving personal accounts, and the Personal Internet Protection service, which helps block access to known malicious domains.

While this spear-phishing activity specifically targets those linked to Iranian and Middle Eastern affairs, the NCSC has also published general guidance on spotting common signs of phishing scams for the wider public.

George Allison
George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison

2 COMMENTS

  1. I’m confused. What’s a ping report got to do with phishing? It’s just measuring the responsiveness of the IP destination.

LEAVE A REPLY

Please enter your comment!
Please enter your name here