Google has uncovered a wave of phishing attacks in Iran targeting email accounts in an apparent data-grab on ordinary citizens.
The precise source and motive of the phishing campaign are unclear, but Google says the attacks originate from within Iran and may well be linked to the country's presidential election, with polls opening today in the Islamic Republic.
The scale of the attacks is noteworthy: Google claims that tens of thousands of users have been targeted over a three-week period. In the scam, the sender poses as Google itself and encourages the user to perform some account maintenance via a link. The link leads to a fake log-in page that asks for a username and password, allowing the perpetrators to steal the credentials entered.
Google says that the spate of attacks represents a “significant jump in the overall volume of phishing activity in the region.”
“Especially if you are in Iran, we encourage you to take extra steps to protect your account,” the search giant advises. “Watching out for phishing, using a modern browser like Chrome and enabling 2-step verification can make you significantly more secure against these and many other types of attacks.
“Also, before typing your Google password, always verify that the URL in the address bar of your browser begins with https://accounts.google.com/. If the website's address does not match this text, please don’t enter your Google password.”
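The address-bar check quoted above can also be automated, for example in a mail filter or an awareness-training tool. The following JavaScript is an added example, not code from Google or from the original article; the function names and the sample URLs (which use the reserved `.example` domain) are constructed for illustration.

```javascript
// Added example: names and sample URLs below are constructed, not from the article.
const EXPECTED_HOST = "accounts.google.com";
const ADVISED_PREFIX = "https://accounts.google.com/";

// Verdict based on the parsed URL rather than on how the string looks.
function checkSignInUrl(raw) {
  let url;
  try {
    url = new URL(raw.trim());
  } catch (err) {
    return "unparseable";
  }
  if (url.protocol !== "https:") return "not-https";
  // hostname never includes a "user@" part or a port; the parser lower-cases it
  if (url.hostname !== EXPECTED_HOST) return "host-mismatch";
  if (url.username !== "" || url.password !== "") return "embedded-credentials";
  if (url.port !== "") return "unexpected-port";
  return "ok";
}

// Compare the parsed verdict with the literal prefix test, with and without the final slash.
function review(urls) {
  return urls.map((raw) => ({
    url: raw,
    verdict: checkSignInUrl(raw),
    prefixWithSlash: raw.startsWith(ADVISED_PREFIX),
    prefixNoSlash: raw.startsWith(ADVISED_PREFIX.slice(0, -1)),
  }));
}

// Constructed sample links, as they might appear in a message claiming to be from Google.
const SAMPLE_URLS = [
  "https://accounts.google.com/signin",
  "http://accounts.google.com/signin",
  "https://accounts.google.com.login.example/signin",
  "https://accounts.google.com@login.example/signin",
  "HTTPS://Accounts.Google.com/signin",
];

for (const row of review(SAMPLE_URLS)) {
  console.log(row.verdict.padEnd(14), row.url);
}
```

The trailing slash in the advised prefix is what rejects the two look-alike hosts in the sample; the parsed-URL check reaches the same verdicts without depending on the exact case of the string.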
With phishing attacks typically preying on the human user rather than the infrastructure of a network, we examined how an organisation can use its workforce to defend itself against this form of cyber-attack.