clock menu more-arrow no yes mobile

Filed under:

Facebook and Twitter removed thousands of Iran-linked fake accounts

It goes to show that Iran can mess with American politics too.

If you buy something from a Vox link, Vox Media may earn a commission. See our ethics statement.

Iran fans hold up a giant flag during the 2015 Asian Cup match between Iran and Bahrain at AAMI Park on January 11, 2015 in Melbourne, Australia.
Iran fans hold up a giant flag during the 2015 Asian Cup match between Iran and Bahrain at AAMI Park on January 11, 2015 in Melbourne, Australia.
Quinn Rooney/Getty Images

A powerful country with extensive cyber capabilities continues to use social media to influence American society and politics. And in this case it’s not Russia — it’s Iran.

On Tuesday, the prominent cybersecurity firm FireEye released information about social media accounts, created between April 2018 and March 2019, coming out of Iran that were purposely impersonating Americans and even Republican candidates for Congress. In some cases, the fake users weighed in on the Trump administration’s tough policy toward the Middle Eastern country, such as its decision to designate an elite Iranian military unit as a terrorist organization in April.

That tip led Facebook to remove roughly 100 accounts, pages, groups, and even three Instagram accounts from the web, seemingly all coming from one location. The accounts engaged in “coordinated inauthentic behavior that originated in Iran,” Nathaniel Gleicher, Facebook’s cybersecurity policy chief, wrote in a statement. “The individuals behind this activity ... misled people about who they were and what they were doing.”

Those accounts were focused on key regional issues such as the influence of Saudi Arabia in the Middle East — which makes sense, since the country is Iran’s main regional rival — as well as more domestic concerns in America like US secessionist movements, Gleicher also noted.

It appears the same kind of behavior took place on Twitter. Also on Tuesday, Yoel Roth, the company’s head of site integrity, tweeted that earlier in May the social media platform “removed more than 2,800 inauthentic accounts originating in Iran.” While Roth noted the accounts were the same ones reported on by FireEye, Twitter didn’t receive any information before removing the fake users.

“These accounts employed a range of false personas to target conversations about political and social issues in Iran and globally,” Roth continued in a Twitter thread. “Some engaged directly through public replies with politicians, journalists, and others.”

This shows just how sophisticated and widespread Iran’s online influence abilities continue to be. While most people train their focus on the Russian threat — mainly because of its success impacting the 2016 presidential election — these recent actions make it clear there’s a lot more to worry about ahead of next year’s big vote.

If the US government and leading technology companies can’t find a comprehensive way to deal with this problem soon, we will all live with a terrifying new reality in which social media disinformation could sway elections at light speed.

Iran has long been a major cybersecurity threat

Ahead of the 2018 midterm elections, National Security Adviser John Bolton warned about four countries aiming to influence the vote.

In addition to Russia, he told ABC News’s Martha Raddatz last August, “I can say definitively that it’s a sufficient national security concern about Chinese meddling, Iranian meddling, and North Korean meddling that we’re taking steps to try and prevent it.” That makes a lot of sense, as experts say those four countries are the ones that can most impact America with their cyber capabilities.

But those nations all have different reasons for targeting the United States. James Lewis, a cybersecurity expert at the Center for Strategic and International Studies think tank in Washington, told me last August that Iran may have a specific reason for doing so now.

It “may be tempted [to] try something” as “payback” for Trump pulling the US out of the Iran nuclear deal, he said. Trump withdrew the US from the agreement in May 2018, which has led to many angry statements and even a weeks-long confrontation that some worried could turn into a full-blown war.

There’s been a lot of malicious Iranian activity in recent years. Starting in 2011, for example, Iran attacked more than 40 American banks including JPMorgan Chase and Bank of America. The attack made it so the banks had trouble serving its customers, and customers had trouble using the bank’s services.

And just days after Bolton’s interview, Facebook announced it removed around 650 pages, groups, and accounts linked to Russia and Iran that targeted Facebook users in the United States, the United Kingdom, Latin America, and the Middle East.

Put together, it’s clear Iran may be angry with Trump’s policies now but it’s long considered the US a key target for its cyberattacks. Despite America’s best efforts, Iran’s campaign is likely to continue alongside the efforts of Russia, China, and North Korea for years to come.

“Those four are our opponents in this new kind of war,” Lewis told me.

Sign up for the newsletter Sign up for Vox Recommends

Get curated picks of the best Vox journalism to read, watch, and listen to every week, from our editors.