TA4903 Spoofing Government Entities and SMBs for Financial Gain

Threat Level – Red | Vulnerability Report
Download PDF

TA4903, a financially motivated threat actor, conducts high-volume email campaigns targeting U.S. organizations for credential phishing and business email compromise (BEC). They spoof various U.S. government agencies and private businesses, employing tools like EvilProxy and incorporating QR codes into phishing campaigns. TA4903’s evolving tactics include expanding BEC themes to small and medium-sized businesses, indicating a persistent and adaptable threat.

Threat Level – Red | Actor Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox

Cyber Horizons 2025

What Last Year’s Attacks Reveal About Today’s Risks

Watch the Webinar on-demand and get a FREE copy of our Cyber Horizons 2025 report.

Our Speakers
Speaker 1

Prateek Bhajanka Global Field CISO & Former Gartner Analyst Hive Pro Inc.

Speaker 2

Ankit Mani Manager Threat Intel HiveForce Labs

Speaker 3

Sreevani Tonipe Senior Threat Researcher HiveForce Labs