Security News > 2021 > July > New phishing attack SpoofedScholars targets professors and writers specializing in the Middle East
Proofpoint security analysis details the latest attack that uses the lure of speaking at a conference to steal credentials.
SpoofedScholars is a new credential phishing attack that uses a University of London website to steal information from researchers who specialize in the Middle East, according to new analysis from Proofpoint.
Proofpoint reports that senior think tank analysts, journalists focused on Middle Eastern affairs and professors are the targets in this latest attack.
The threat actor "Often uses free email providers to spoof individuals familiar to their targets to increase the likelihood of successful compromise," according to Proofpoint.
As described in the Proofpoint blog post, the group focuses credential phishing to "Specific individuals of interest to collect intelligence through exfiltration of sensitive email and contacts or initial access for future phishing campaigns."
The same actor, identified by Proofpoint as TA453, launched a similar credential phishing campaign in late 2020 that targeted medical professionals who specialize in genetic, neurology and oncology research in the United States and Israel.
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)