Security News > 2021 > December > US universities targeted by Office 365 phishing attacks

US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials.
These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.
A phishing attack targeting students of Arkansas State University used an URL of sso2[.
Based on the URLs shared by Proofpoint, some of the universities targeted in these attacks include the University of Central Missouri, Vanderbilt, Arkansas State University, Purdue, Auburn, West Virginia University, and the University of Wisconsin-Oshkosh.
Office 365 credentials can be used by malicious actors to access the corresponding email account, send messages to other users in the workgroup, divert payments, and further the phishing to steal more valuable accounts.
These phishing attacks could potentially lead to damaging BEC incidents and highly-disruptive ransomware infections for universities.
News URL
Related news
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- 2024 phishing trends tell us what to expect in 2025 (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)