Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch

social engineering

AI generated Image

Image: Human Rights WatchThe page was designed to capture both the target’s email password and any secondary authentication codes, although the phishing kit would not have been able to bypass a hardware-based authentication key using the FIDO protocols. A joint technical investigation by Human Rights Watch and Amnesty International’s Security Lab was able to examine the link shortening service to identify similar pages set up to mimic the email accounts of the campaign’s additional targets. Recorded Future, which has previously investigated the group linked to the attacks, was one of the cybersecurity firms Human Rights Watch consulted regarding the incident.

Source read time: 4 min - therecord.media

Also offered in: Nederlands

More news for you