Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Stu Sjouwerman | Aug 29, 2024

Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic Revolutionary Guard Corps (IRGC).

The threat actor is targeting WhatsApp accounts belonging to individuals in Israel, Palestine, Iran, the United States, and the UK, focusing on “political and diplomatic officials, and other public figures, including some associated with administrations of President Biden and former President Trump.”

APT42 uses well-known social engineering techniques to compromise its victims. In this case, the threat actor impersonated tech support employees at major companies.

“These accounts posed as technical support for AOL, Google, Yahoo, and Microsoft,” Meta says. “Some of the people targeted by APT42 reported these suspicious messages to WhatsApp using our in-app reporting tools. Those reported messages enabled us to investigate this latest campaign and link it to the same hacking group responsible for similar attempts aimed at political, military, diplomatic and other officials, as reported by our industry peers at Microsoft and Google.”

The researchers add that there’s no evidence that the threat actor succeeded in compromising any accounts, but WhatsApp users should remain on the lookout. 

“The vigilance of these users to report the messages to us suggests that these efforts were unsuccessful,” Meta says. “We have not seen evidence that their accounts were compromised. We have encouraged those who reported to us to take steps to ensure their online accounts are safe across the internet.

“Out of an abundance of caution and given the heightened threat environment ahead of the US election, we also shared information about this malicious activity with law enforcement and with the presidential campaigns to encourage them to stay cautious against potential adversarial targeting.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Meta has the story.
