Google said Wednesday that it has detected what appears to be a spike in politically-motivated phishing attacks targeting Gmail accounts belonging to thousands of Iranians just days before a presidential election in the country.
The US internet company said it has a policy to alert users to “state-sponsored attacks and other suspicious activity,” but did not identify the perpetrators beyond saying that it appeared to be the same group behind a Gmail hacking campaign in 2011 involving fraudulent digital certificates.
Google Inc in a blog post said, “These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region.”
“The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday,” Google said.
This comes as Iran is preparing for its first presidential election following a controversial polling in 2009 which resulted in the re-election of Mahmoud Ahmadinejad for his second term as the Iranian president.
Ahmadinejad was accused of rigging the results in his favour which triggered angry protests.
In the meantime Eric Grosse, Google’s vice-president of security engineering said the phishing attempts to obtain passwords and othre private computing information by directing the users to face websites.
He said victims targeted in the attacks had received an email containing a link to a web page purporting to perform account maintenance.
To prevent phishing attacks, Grosse encouraged users in Iran to use a modern browser and enable two-step authentication. He also reminded users to verify that the URL in the address bar of their browser is https://accounts.google.com/ before entering their Gmail password.