The Shin Bet exposed a "phishing" campaign carried out by Iranian officials with the aim of gathering information about Israeli policies and citizens, it was cleared for publication today (Sunday).

The main targets of these Iranian agents were mainly civil servants and researchers at various research institutes.

References to citizens were made through the use of fake profiles impersonating known Israeli citizens, with the aim of gathering information about Israeli policy, civil servants, and Israeli citizens. The impersonation was of people known to those citizens who contacted them or were in contact with them, both professionally and personally.

The first contact by an Iranian official began with a message to the "Linkedin" profile of the Israeli citizen, and then the conversation moved to be conducted via email.

Iranian agent attempts contact screenshot

As part of the conversation between the two, the Israeli citizen was invited to a conference. The invitation was attached as a file to the correspondent, or alternatively, a file of an article or study that might be of interest to the citizen was sent.

When that citizen opened the file, a malicious file was installed on his computer that gave that Iranian entity access privileges to his computer. The file created a remote control of the attacker's computer of the victim's computer, and hence the Iranian party was exposed to all the information stored on the Israeli citizen's computer.

The Iranian operation was based on information collected about the Israeli citizens from across social media and the web, and the contents of the correspondence and the connection were designed to be compatible with the occupation and interests of the targets.

The awareness and vigilance of the Israeli targets, as well as the actions of the Shin Bet and Israeli security establishment, prevented the Iranian attempts to achieve their goal.