Sami Ben Gharbia, who monitors Tunisia's web censorship for Global Voices, said that Google and Facebook were in no way complicit in the sophisticated phishing technique.
The initial signs that something was underway came on Saturday, he said, when the secure https protocol became unavailable in Tunisia. This forced web users to use the non-secure http protocol.
The government's internet team then appears to have gone phishing for individuals' usernames and passwords on services including Gmail, Facebook, Yahoo and Hotmail.
Web activists and journalists alerted others of the alleged hacking by the government via Twitter, which is not susceptible to the same types of operations. "The goal, amongst others, is to delete the Facebook pages which these people administer," a Tunisian internet professional, who has also been in contact with Anonymous, told Al Jazeera in an emailed interview.
The same source, who asked to remain unidentified due to the potential consequences for speaking out, said that in communication with the international group, he had come up with a Greasemonkey script for fireFox internet browsers that deactivated the government's malicious code.