Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • UK cyber experts warn of targeted phishing attacks

Security

UK cyber experts warn of targeted phishing attacks

The UK has today warned of the threat from targeted spear-phishing campaigns against organisations and individuals carried out by cyber actors based in Russia and Iran.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simone Flamigni / copyright Shutterstock

In an advisory published today, the National Cyber Security Centre (NCSC) – a part of GCHQ – shared details about the techniques and tactics used by the attackers as well as mitigation advice to combat the continuing threat.

Advertisement
PTC rectangle

Spear-phishing involves an attacker sending malicious links, for example via email, to specific targets in order to try to induce them to share sensitive information.

The advisory highlights that throughout 2022 separate malicious campaigns were conducted by Russia-based group SEABORGIUM and Iran-based group TA453, also known as APT42, to target a range of organisations and individuals in the UK and elsewhere for information-gathering purposes.

The attacks are not aimed at the general public but targets in specified sectors, including academia, defence, government organisations, NGOs, think-tanks, as well as politicians, journalists and activists.

The advisory, based on NCSC understanding and extensive industry reporting, recommends organisations and individuals remain vigilant to approaches and follow the mitigation advice to protect their online accounts from compromise.

Paul Chichester, NCSC Director of Operations, said: “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks.

“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.

“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

This activity is typical of spear-phishing attacks, where the actor undertakes reconnaissance activity around their target to tailor their content before making an approach.

Contact may initially appear benign as the attacker looks to gain targets’ trust and build a rapport, before using typical phishing tradecraft to share malicious links that can lead to credential theft and onward compromise.

The advisory describes how approaches have been made via email, social media and professional networking platforms, with attackers impersonating real-world contacts of their targets, sending false invitations to conferences and events, and sharing malicious links disguised as Zoom meeting URLs.

Advertisement
Security & Policing Rectangle

While the malicious campaigns use similar techniques and have similar targets, the campaigns are separate and the two actors are not collaborating.

If individuals or organisations in the identified sectors recognise the specific and targeted activity described in the advisory, they should report this to the NCSC.

The advisory includes the following advice to mitigate the spear-phishing activity:

  • Use strong and separate passwords for your email account
  • Turn on multi-factor authentication (also known as 2-step verification, or 2SV)
  • Protect your devices and networks by keeping them up to date
  • Exercise vigilance
  • Enable your email providers’ automated email scanning features
  • Disable mail-forwarding

The ‘Think Before You Link’ app, from the Centre for the Protection of National Infrastructure (CPNI), is also designed to help individuals identify malicious online profiles and reduce the risk of being targeted.

The NCSC is committed to raising awareness of the latest cyber threats and provides a range of practical guidance on its website to help public sector organisations, critical national infrastructure, businesses of all sizes, and individuals protect themselves online.

View the advisory: www.ncsc.gov.uk/news/spear-phishing-campaigns-targets-of-interest

 

Advertisement
ECS leaderboard banner
Funding of £20m set to find Britain’s next defence unicorn

Aerospace Defence Security Space Events

Funding of £20m set to find Britain’s next defence unicorn

29 January 2026

The search for the UK’s next defence unicorn has kicked off with the launch of a bespoke £20 million fund to offer accelerated contracts to small, innovative British startups who have had limited or no business with the Ministry of Defence.

Metis launches Skyperion Lightweight

Aerospace Defence Security

Metis launches Skyperion Lightweight

29 January 2026

Lincoln based specialists in Radio Frequency (RF) and drone detection technologies, Metis, have launched their latest detection product, Skyperion Lightweight.

Kier Pritchard announced as Ministry of Defence Police Chief Constable

Defence Security

Kier Pritchard announced as Ministry of Defence Police Chief Constable

27 January 2026

Lucy Bogue, Director SJC GUARDIAN, has announced the appointment of Kier Pritchard as Ministry of Defence Police (MDP) Chief Constable following an open selection process.

Blighter to show surveillance radars at  World Defense Show

Defence Security Events

Blighter to show surveillance radars at World Defense Show

27 January 2026

Blighter will be attending the World Defense Show in Saudi Arabia from 8th-12th February 2026 to showcase its ITAR-free ground surveillance radars for border security and military base protection.

Advertisement
ODU RT
Heathrow completes £1bn security tech upgrade

Aerospace Security

Heathrow completes £1bn security tech upgrade

26 January 2026

Heathrow has now completed a £1 billion security technology upgrade, becoming the world's largest airport to fully roll out next-gen CT security scanners.

ECS to demo ECS Connect at Security & Policing

Security Events

ECS to demo ECS Connect at Security & Policing

26 January 2026

Enterprise Control Systems (ECS) will be showcasing advanced security and defence solutions at Security & Policing 2026 - taking place 10th-12th March at Farnborough - including the very first public demonstration of the new ECS Connect data link network manager.

Advertisement
ODU RT
Advertisement
Babcock LB Babcock LB