Fake News Op Expands: How Israel ‘Saved’ the Saudis and Entered Afghanistan

A disinformation op using Haaretz editor in chief's identity was pushing Israel related fake news. Further analysis revealed another site impersonating Haaretz's security analyst

Omer Benjakob
Omer Benjakob
Send in e-mailSend in e-mail
U.S. President Joe Biden meeting with Saudi Crown Prince Mohammed bin Salman in Jeddah last week.
U.S. President Joe Biden meeting with Saudi Crown Prince Mohammed bin Salman in Jeddah last week.Credit: Bandar Al-Jaloud/AFP
Omer Benjakob
Omer Benjakob

The sophisticated fake news operation that impersonated Haaretz’s editor-in-chief is wider than initially reported: Another site pretended to be a blog of Haaretz's security analyst, Amos Harel, as part of an attempt to influence Mideast public opinion by spreading disinformation.

Among real articles by Harel, fakes were interspersed that were later quoted on Arabic-language websites and social media.

“Amosharel.com” went live without Harel’s knowledge or approval. Like the fake blog of Haaretz Editor-in-Chief Aluf Benn, this site also contained copies of real columns from Haaretz’s English edition on security and military issues in Israel, the Middle East and Europe.

The fake site that’s attributed to Benn is still live two weeks after its existence was reported in Haaretz, despite a request to have it removed. In those two weeks, more real columns by Benn have been posted on the site, as well as false reports claiming that an Israeli company won a contract from the United Arab Emirates to take part in airport security in Afghanistan after the Taliban takeover of that country.

According to a new fake Benn article, Haaretz wrote that “the management of Afghanistan airports has a strategic value for the Israeli army, Mossad and other security structures.” It said that soon Israel will have a role at airports “in Sudan, Somalia and other Middle Eastern countries ... one of Israel’s greatest strategic successes in the region.”

Amos Harel fake private blog.

While the site pretending to be Benn is still live, the fake Harel site has been taken offline. Experts say that along with spreading disinformation, sites based on identity theft can be used for phishing – attempts to fraudulently obtain sensitive information – especially, for example, when the target is a Haaretz journalist in touch with security officials with access to sensitive information.

At Haaretz’s request, the cybersecurity firm Cyberint looked into the matter and discovered that the domain name was bought in February. As in Benn's case, the site has a clean look with a well-organized biography of Harel, a photo taken from his Wikipedia page, and an archive of articles.

By March, the site had posted at least 10 real analyses by Harel, and at least one fake. Additional fake columns may have been posted but the Harel site is no longer active and there is no archive of all its pages on the web.

Like the fake articles on the fake Benn site, the phony Harel article focused on the Middle East. It tried to show that Israel was a secret partner of Saudi Arabia in Yemen, and in a fake interview, former Foreign Minister Yisrael Katz “reveals”: “it is only for the operational support of the Israeli army in Riyadh, and this is well understood by all military commanders. Muhammad bin Salman has repeatedly been ready to withdraw from the Yemeni war and declare Saudi’s defeat.”

The fake Katz said that former Yemeni President Abdrabbuh Mansur Hadi has close ties with Israel and visited Tel Aviv secretly twice to ask for help.

The fake Katz added: “Our tremendous influence over Eritrea and the deployment of Israeli troops on the Red Sea coast in Eritrea, as well as Djibouti, have given us absolute control over the security of the Red Sea. ... Today, Israel’s domination of the Red Sea is like its domination of the world economy, and this is well understood by all the great world powers. If support for Israel were distorted in any way, the world economy would face a devastating blow. The port of Eilat in the Gulf of Aqaba is considered as an important support for our war in Syria, the Golan Heights and Lebanon.”

Like the fake commentaries attributed to Benn, the fake Harel columns have been quoted on Arab sites in English and on sites and a Telegram channel identified with the Houthi rebels, echoing a pro-Iranian agenda and the message that Israel controls the Red Sea, cooperates with Saudi Arabia and is involved in Yemen’s civil war.

According to Cyberint, there are indications that the entity that bought the domain name and operated the site is the same as the one behind the fake Benn blog. Both domain names were bought at the same domain registrar with the same phone number and email address. Cyberint said that in the case of the fake Benn site, security protocols were inserted that are rarely installed in blogs.

This isn’t the first time Harel has been quoted around the world in an article he didn’t write. In 2012, no less than six newspapers in Algeria published quotes from a fictitious article in which Harel supposedly reported that Israel was worried about Algerian military attacks and was preparing for a conflict, and that then-President Abdelaziz Bouteflika was more dangerous to Israel than his predecessor, Houari Boumédiène.

Cybersquatting

The phenomenon of a hostile actor waiting for an individual or company to forget to renew their domain name is called “cybersquatting.” In many cases, the purchase of the name by the bad actor is an attempt to demand ransom, but in other cases the site goes live to attack the would-be owner of the site or use his or her name to disseminate false information.

In Harel's case, the site was taken down months later and can no longer be accessed. But it’s possible that the site has been used in another dangerous way, says Moshe Levi, Cyberint’s chief information security officer.

Ownership of a site grants an email address under the same name. It’s therefore possible that the inactive site is being used to send emails masquerading as Amos Harel emails.

Such identity theft makes it possible to “phish” security officials corresponding with the real Amos Harel, fraudulently obtaining sensitive information from them. Or such emails might trick them into clicking on a malicious link sent by the fake Amos Harel that would allow bad actors to hack their computers.

A month ago, the cybersecurity company Check Point revealed that Iranian hackers had taken over email accounts of senior Israeli security officials and impersonated them in sending emails to other senior officials, including former Foreign Minister Tzipi Livni and a former U.S. ambassador to Israel.

One email, for example, was sent to Livni from the email account of an Israeli reserve general in a sensitive post with whom Livni had corresponded in the past. The email asked Livni to click on “an article he wrote,” but she became suspicious and contacted Check Point.

* Click here to read this story in Hebrew

Click the alert icon to follow topics:

Comments

SUBSCRIBERS JOIN THE CONVERSATION FASTER

Automatic approval of subscriber comments.

Subscribe today and save 40%

Already signed up? LOG IN

ICYMI

Soldiers using warfare devices made by the Israeli defense electronics company Elbit Systems.

Russia-Ukraine War Catapults Israeli Arms Industry to Global Stage

Flame and smoke rise during an Israeli air strike, amid Israel-Gaza fighting, in Gaza City August 6, 2022.

Israel Should End Gaza Operation Now, if It Can

Rio. Not all Jewish men wear black hats.

What Does a Jew Look Like? The Brits Don't Seem to Know

Karolina Bielowka.

'My Uncle Told Me, ‘Go on the Trip of Your Life, Go Dig in Israel.’ So I Did'

The replica ship, 'Ma’agan Mikhael II,' sailing from Haifa to Acre in northern Israel.

Replica of 2,400-year-old Ship Solves Ancient Mediterranean Mystery

File photo: Bus operated by Kavim company.

Ultra-Orthodox Extremists Assault Woman for Sitting at Front of Jerusalem Bus