TA4903 Spoofing Government Entities and SMBs for Financial Gain

Threat Level – Red | Vulnerability Report
Download PDF

TA4903, a financially motivated threat actor, conducts high-volume email campaigns targeting U.S. organizations for credential phishing and business email compromise (BEC). They spoof various U.S. government agencies and private businesses, employing tools like EvilProxy and incorporating QR codes into phishing campaigns. TA4903’s evolving tactics include expanding BEC themes to small and medium-sized businesses, indicating a persistent and adaptable threat.

Threat Level – Red | Actor Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox