Google warns of phishing threat targeting U.S. elections and Israeli accounts

Share this News:

Pune, 16th August 2024: Google has issued a new advisory alerting users about a surge in phishing attacks carried out by Iranian government-supported groups. The warning follows a similar advisory by Microsoft, emphasizing the growing cyber threat. The phishing emails, sent by a group known as APT42, are specifically targeting accounts linked to Israel and the upcoming United States presidential elections. Google’s Threat Analysis Group (TAG) has highlighted the severity of these attacks, urging users to remain vigilant and take precautions.

Microsoft previously warned Windows users, particularly in India, about potential outages akin to those caused by CrowdStrike. The Indian Computer Emergency Response Team (CERT-In) responded by issuing an alert for Indian Microsoft Windows users. Now, Google’s warning comes with a broader focus, citing a significant rise in phishing campaigns aimed at high-profile targets.

According to Google’s blog post, APT42, connected to Iran’s Islamic Revolutionary Guard Corps (IRGC), has been relentlessly attacking high-profile users in Israel and the United States. The targets include former and current government officials, political campaigns, diplomats, and members of think tanks. Non-governmental organizations (NGOs) and academic institutions involved in foreign policy are also at risk. In the past six months, approximately 60% of APT42’s activities have impacted the U.S. and Israel, highlighting the strategic focus of these cyber operations.

Google further detailed the tactics used by APT42 in its phishing campaigns. These cybercriminals craft emails that appear to originate from legitimate organizations, such as government agencies, banks, or social media companies. They then create fake websites that closely resemble the authentic ones, luring users into providing sensitive information like usernames and passwords. The attackers also exploit services like Google Drive, Gmail, Dropbox, and OneDrive to carry out their malicious activities. Google’s TAG advises users to stay alert and implement security measures to protect against these phishing threats.