On the eve of national elections in Iran, Google is reporting that it’s discovered a phishing campaign in the country that appears political in nature. In a post on its security blog, Google writes that "the timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday."
Google says that people in the country are receiving emails that link to a phony account maintenance page with a fake Google sign-in that steals their usernames and passwords.
The upcoming election is being closely watched, with the US government amending its longstanding sanctions on Iran to permit the export of computer and communications equipment to the country, reportedly with the aim of strengthening social networks there. According to Google, the current phishing campaign is being led by the same group behind a 2011 attack on SSL certificate authority DigiNotar, which exposed users’ encrypted communications in the country, reports The New York Times. "There are thousands of Iranian dissidents in prison today because of [the DigiNotar attack],” said security advocate and developer Phil Zimmermann.