“Spear phishing” targets a specific person by creating a complex message containing personal information in order to get them to open it and try to trick them into sharing sensitive information.

British cybersecurity officials warned on Thursday that hackers from Russia and Iran often attack officials, journalists and non-governmental organizations with “spear phishing” – sophisticated hacking systems designed to lure specific people using personal information.

The National Cyber ​​Security Center NCSC reports that Russia-based Seaborgium groups and Iran-based TA453 groups linked to the Revolutionary Guards attacked various organizations and individuals inside and outside the UK in 2022.

“The attacks are not directed at the general public, but at specific sectors such as academia, defense, government organizations, NGOs and think tanks, as well as politicians, journalists and activists,” he added.

The NCSC urged those in these industries to become familiar with these hacking techniques and provide guidance on how to fix them.

“Spear phishing” consists of attacking a specific person by creating a complex message containing personal information in order to get them to open it and “attempting to trick them into sharing sensitive information.”

According to the NCSC, the hacker conducts “reconnaissance around his target” in order to tailor his attacks more effectively.

Hackers based in Russia and Iran are “relentless in their pursuit of stealing online credentials and compromising potentially sensitive systems,” said Paul Chichester, director of operations at NCSC.

They often contact their victims via email, social media, and professional platforms, “posing as the real contacts of their targets, sending out fake invitations to conferences and events, and spreading malicious links disguised as video conference connections.”

For example, TA453 used the Zoom platform to make fake video calls, posing as authority figures, and then sending malicious links through the platform’s chat.