Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
Summary
Iranian threat actors are actively engaged in credential theft targeting expats, Syrians, and Israelis. They employ spear-phishing and social engineering tactics to compromise their targets.
IFF Assessment
FOE
This activity increases the threat landscape for potential victims.
Severity
8.1
High
(AI Estimated)
Defender Context
Defenders need to be aware of Iranian threat actor activity and their tactics, techniques, and procedures (TTPs), especially spear-phishing. Organizations should reinforce user awareness training to detect and avoid phishing attempts. Monitor network traffic and email communications for suspicious activity originating from or related to Iranian IP addresses or domains.