Security News > 2021 > December > US universities targeted by Office 365 phishing attacks
US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials.
These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.
A phishing attack targeting students of Arkansas State University used an URL of sso2[.
Based on the URLs shared by Proofpoint, some of the universities targeted in these attacks include the University of Central Missouri, Vanderbilt, Arkansas State University, Purdue, Auburn, West Virginia University, and the University of Wisconsin-Oshkosh.
Office 365 credentials can be used by malicious actors to access the corresponding email account, send messages to other users in the workgroup, divert payments, and further the phishing to steal more valuable accounts.
These phishing attacks could potentially lead to damaging BEC incidents and highly-disruptive ransomware infections for universities.
News URL
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Microsoft fixes bug behind random Office 365 deactivation errors (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)