Email security, Network Security

New BEC attacks involve US agency spoofing

Rogue QuickBooks, PayPal accounts used in novel phishing attacks

Several U.S. government agencies, including the Department of Agriculture, Department of Transportation, and the Small Business Administration, have been impersonated by the TA4903 threat operation in new business email compromise attacks, reports BleepingComputer.

Intrusions by TA4903, which have ramped up since the second half of last year, involved the delivery of malicious PDF document attachments spoofing government entities that include QR codes redirecting to phishing sites akin to the impersonated agencies, which then seek victims' credentials, a report from Proofpoint revealed. Other attacks launched by TA4903 in mid-2023 involved the utilization of breached email accounts to send messages aimed at luring targets into updating their payment details. TA4903 has since moved to conducting small business impersonation in its newer campaigns but whether the transition is permanent remains uncertain, according to researchers. Organizations have been urged to implement multi-layered security to properly defend their networks from the threat posed by TA4903.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.