- Digital twins are optimizing supply chains and more. Here's why enterprises should care
- Getting Out in Front of Post-Quantum Threats with Crypto Agility
- Join Sam's Club for $15 - the lowest price we've seen. Here's how
- Meta's new $299 Quest 3S is the VR headset most people should buy this holiday season
- Get Microsoft Office 2019 for Windows or Mac for $25
New BEC attacks involve US agency spoofing
Several U.S. government agencies, including the Department of Agriculture, Department of Transportation, and the Small Business Administration, have been impersonated by the TA4903 threat operation in new business email compromise attacks, reports BleepingComputer.
Intrusions by TA4903, which have ramped up since the second half of last year, involved the delivery of malicious PDF document attachments spoofing government entities that include QR codes redirecting to phishing sites akin to the impersonated agencies, which then seek victims’ credentials, a report from Proofpoint revealed. Other attacks launched by TA4903 in mid-2023 involved the utilization of breached email accounts to send messages aimed at luring targets into updating their payment details. TA4903 has since moved to conducting small business impersonation in its newer campaigns but whether the transition is permanent remains uncertain, according to researchers. Organizations have been urged to implement multi-layered security to properly defend their networks from the threat posed by TA4903.