Google has announced that it has uncovered multiple email-based phishing campaigns over the past three weeks aimed at compromising the accounts owned by tens of thousands of Iranian users.
Google VP of security engineering, Eric Grosse, said the campaigns, which originated within Iran, represent a significant jump in the overall volume of phishing activity in the region.
"The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday," Grosse said.
Grosse noted that the company used its Chrome browser to detect phishing efforts from what appears to be the same Iranian group in 2011, which used SSL certificates to carry out attacks.
"In this case, the phishing technique we detected is more routine: users receive an email containing a link to a web page that purports to provide a way to perform account maintenance," Grosse said.
"If the user clicks the link, they see a fake Google sign-in page that will steal their username and password."
The company asked Gmail users in Iran to use a modern browser like Chrome and switch to two-step verification process in order to minimise the risk of attacks.