Cyber Blog

A group of hackers linked to Iran recently carried out a worldwide email attack aimed at embassies and diplomatic offices. These cybercriminals sent fake emails designed to look like official diplomatic messages, tricking recipients into opening a harmful document disguised as a Microsoft Word file.

The troubling part? When the document was opened, it prompted recipients to “Enable Content,” which secretly activated harmful software. This software could then sneakily install itself on the device, spy on it, and send sensitive information back to the attackers—all without the user realizing.

The campaign was widespread, targeting embassies, consulates, and international organizations across continents—including the Middle East, Europe, Africa, Asia, and the Americas. Notably, European embassies and African organizations were hit hardest. To make their phishing emails more convincing, the hackers used more than 100 different email addresses, many of which belonged to real officials or fake government-sounding entities. One of the compromised accounts belonged to the Omani Ministry of Foreign Affairs in Paris, which added an extra layer of legitimacy to the malicious messages.

In short, this attack highlights how dangerous and sophisticated modern phishing scams have become, especially when they aim at trusted institutions like embassies. It’s a reminder that even seemingly official messages can conceal real threats.