‘Honey Trap’ Sites Recruiting Israeli Spies

Uploaded on 2022-02-01 in INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW

Websites are offering work to Iranians and Iranian proxies in Syria and Lebanon as spies for Israel and these offers are believed to be a counter-intelligence effort driven by Iran's security services.

Investigators at online news website, The Daily Beast, have found the sites as part of an investigation into a series of apparent phishing websites that spoofed think tanks and news organisations focused on the Middle East and national security.  Those sites include domains meant to trick users into believing they were associated with prestigious news outlets across the Middle East.

At least 16 sites were identified using the same proposition, phrasing, logos, phone numbers to lure people working in sensitive security jobs in the Hezbollah terror group in Palestine, the Assad regime in Syria, or in Iran itself. Neither the cyber security firm Mandiant, nor Google or Facebook, where the sites had accounts, were able to identify who lies behind the phishing domains.

The recruiting sites have surfaced and disappeared over a four-year period, targeting users in Iran, Syria, and Lebanon through Google Ads.

Displaying a picture of the Israeli flag and a contact number with an Israeli country code, a website called 'VIP Human Solutions’  advertises itself as the “VIP center for recruitment of the most distinguished in the military and security services of Syria and Hezbollah in Lebanon” that “specialises in research and consultancies in the studies of security and political science in all corners of the world." The Human Solutions’ site promises rapid hiring decisions and big salaries.

Security researchers suspect the intelligence job sites are part of an Iranian counter intelligence effort and say that certain that  these websites are fake and have no  connection to Israel’s genuine  spy services.

The Israel Defence Force (IDF) has previously uncovered a scam by Hamas militants to spy on its soldiers by hacking their mobile phones after posing as women on social media. Members of the Palestinian group found the soldiers online, then tried to strike up a friendship using the fake identities and dozens of IDF soldiers were persuaded to install an application that controlled their phone cameras and microphones.

The Israeli National Cyber Directorate has issued a general warning to Israeli businesses to be aware of potential cyber attacks, as the country faced an uptick in hacking attempts. In December last year, Israeli cyber security firm Check Point said that a hacking group identified with the Iranian regime was aiming to attack Israeli targets.

Daily Beast:     Times of Israel:     Media Line:      BBC

You Might Also Read:

Israel & Iran Locked In Cyber Conflict:

 

« Ransomware Attack On French Ministry of Justice
Britain's Cyber Security Strategy Focuses On Resilience »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Kramer Levin

Kramer Levin

Kramer Levin is a full-service law firm with offices in New York and Paris. Practice areas include Cybersecurity, Privacy and Data Protection.

Cymulate

Cymulate

Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time.

Seqrite

Seqrite

Seqrite offers a highly advanced range of enterprise and IT security solutions to protect your organization's most critical data.

Vehere

Vehere

Vehere specialises in mission critical signals aquisition and analytics platform and cyber defence systems.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Cyber Coaching

Cyber Coaching

Cyber Coaching is a community for enhancing technical cyber skills, through unofficial certification training, cyber mentorship, and personalised occupational transition programs.

Diligent

Diligent

Diligent's SaaS GRC platform gives leaders a connected view of governance, risk, compliance and ESG across their organization.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

ResilientX

ResilientX

ResilientX is an All-In-One Security Testing Platform designed to help MSPs and SMBs to perform their security testing and assessments without having to outsource IT.

Action Fraud

Action Fraud

Action Fraud is the UK’s national reporting centre for fraud and cyber crime where you should report fraud if you have been scammed, defrauded or experienced cyber crime.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.