Each story follows the same arc: soft approach, small “harmless” task, payment, deeper dependence, and only then the realization that the employer was Iran.

By Hezy Laing

In recent months, several Israelis have crossed the line from target to collaborator.

One middle-aged man from central Israel, desperate under mounting debts, answered what he thought was freelance work verifying locations for a foreign company; months later he was passing sensitive infrastructure photos to Iranian handlers.

A young woman from the north, seeking online friendship, was gradually groomed into providing information on security personnel in her area, convinced she was helping a “research project.”

Another case involved a tech‑savvy student recruited through a Telegram job channel, who began by mapping ATMs and ended by installing surveillance devices on behalf of contacts he never met in person.

Each story followed the same arc: soft approach, small “harmless” task, payment, deeper dependence, and only then the realization that the employer was Iran.

What often starts as a seemingly harmless LinkedIn message from a “recruiter” or a flattering Telegram approach from a stranger has become, for many Israelis, the opening move in a quiet war.

Behind these friendly avatars lurk Iranian intelligence operators, patiently working to turn ordinary citizens into unknowing assets.

In the escalating shadow conflict between Jerusalem and Tehran, officials report a noticeable surge in digital honeytraps.

Posing as HR managers, app developers, or potential romantic partners, Iranian handlers lure Israelis with offers of easy money for “simple” assignments—snapping photos of certain buildings, confirming business locations, or mapping routes.

Over time, these errands evolve into explicit espionage and even sabotage.

Alongside the state security services, a new civic front has emerged. Veteran cybersecurity experts and social activists have joined forces in initiatives such as “Project Guardian Eye,” a non-profit effort built to inoculate the public before damage is done.

Rather than chasing suspects after the fact, they aim to bolster digital resilience.

One of their innovations is a counter-simulation system in which automated “white hat” personas copy Iranian recruitment tactics.

When a user bites, the bot reveals itself and walks them through the warning signs they overlooked, turning a near‑miss into a live training session.

Complementing this is a community-based verification center, where Israelis can anonymously upload screenshots of dubious job offers.

Using a mix of AI tools and human reviewers, the hub quickly matches these profiles against known hostile campaigns and alerts users in real time.

Analysts involved in these projects stress that Iran is not only looking for skilled hackers but for emotionally and financially vulnerable people.

Targets are often individuals craving fast income or personal connection, who only understand they are serving a foreign enemy when they feel too compromised, guilty, or frightened to seek help.

The NGO’s core mission is to shatter that shame, framing exposure of handlers as an act of national defense, not personal disgrace.

In a region where phones have become weapons, Israelis are urged to remember that their smartphone can be as attractive a target as any military installation.