In 2023, Iran witnessed a significant increase in state-sponsored cyberattacks targeting civil society, journalists, and minority groups. These phishing campaigns, detailed in Filterwatch’s report, “The Rising Wave of Impersonation,” leveraged impersonation of reputable organizations to compromise personal data, highlighting a growing digital threat to human rights defenders.
Filterwatch’s report documents over 100 cyberattacks from January to November 2023 targeting journalists, civil society activists, and minority rights defenders in Iran and abroad. These attacks, attributed to Iranian state-sponsored actors, primarily employed phishing tactics by impersonating reputable organizations like the Atlantic Council. The campaigns exploited social engineering techniques, leveraging current events such as the Mahsa Jina Amini (Woman, Life, Freedom) protests and incidents such as the suspected poisoning of schoolgirls to deceive targets into compromising their personal data. Notably, the attacks focused on ethnic minorities, journalists covering the Woman, Life, Freedom movement, independent artists, and human rights lawyers. While technically unsophisticated, the operations were highly effective due to their tailored and convincing approaches.
