Cybercriminal Groups – SEABORGIUM and TA453

SEABORGIUM and TA453 are cybercriminal groups currently targeting the UK and the USA. Using spear-phishing (sending emails posing as a known or trusted sender to trick their target into sending confidential data) they have successfully attacked organisations and individuals in the UK. They are not interested in using ransomware or receiving any money from their victims, all they want is to steal information.

The two groups research their targets thoroughly online and then create fake accounts and begin to contact and build a rapport with their target. After a relationship has been established, they generally send an email with a malicious link (which will direct the target to a site that appears as a legitimate website but has been set up by the attacker) or a file that once opened, leads to them gaining access to their target’s computer. We have included some examples below of these attacks and fake profiles

Microsoft has also identified that the group prefers personal email addresses to help avoid detection from business email protection and security controls.

To defend your organisation and self from these attacks we have laid out some things you and your business can do to protect yourself from these groups:

  • Use strong passwords.
  • Enable and use MFA (Multi-Factor Authentication).
  • Protect your devices and networks by keeping them up to date.
  • Exercise vigilance – be wary of people adding you on social media accounts that you do not know personally.
  • Enable your email providers automated email scanning features.
  • Disable mail forwarding.

The NCSC has also posted an alert of these two groups and their continual attacks on individuals and organisations within the UK

get Clevr360

Speak to our team

Fill out the form below and we will be in touch with the next steps.