Senior officials, current or former, journalists, activists, lobbyists, and senior think tank personnel are all targets of cyber threat actors working on behalf of the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
Following the indictment that alleges Iranian nationals for a wide-ranging hacking conspiracy, the Federal Bureau of Investigation (FBI) released an advisory highlighting how Iranian threat actors choose and target their victims.
IRGC-sponsored threat actors rely heavily on a wide range of social engineering techniques to gain access to personal and business accounts.
“Victims may be prompted to input two-factor authentication codes, provide them via a messaging application, or interact with phone notifications to permit access to the cyber actors. Victims sometimes gain access to the document but may receive a login error,” the FBI advisory explains.
FBI and other authorities recommend precautionary measures tailored to recognize social engineering and spoofing attempts – be suspicious of any unsolicited contacts, links, especially shortened (such as bit.ly or tinyurl), files, and impersonations of legitimate services. Read the full story.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.