Posted on

Concerns Grow Over Phishing Campaigns launched from Compromised Email Accounts in Education Sector

external content.duckduckgo 37 scaled

the staff of the Ridgewood blog

Ridgewood NJ, so far we have not heard about this from any of our local school districts , including Ridgewood but its something to keep an eye on . The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) continues to observe efforts by cyber threat actors to compromise email accounts in the education sector in order to launch phishing campaigns with the intent to steal sensitive information, compromise account credentials, or conduct subsequent cyber operations against others in the education sector.

unnamed 2

In one phishing campaign, threat actors sent emails that appeared to be a folder sharing notification requesting the recipient to click on a link to a supposed Microsoft OneNote folder pertaining to the district’s board of education. The link leads to a website requesting the recipient to log in using their Microsoft credentials. In another phishing campaign, threat actors sent emails referencing a payment or statement (image above). These messages included two linked images that were disguised as document attachments, which can trick the recipient into accidentally navigating to the linked malicious websites. As the email accounts used in these phishing campaigns come from legitimate accounts, recipients are more likely to act on the messages by providing sensitive information, clicking links, or opening attachments.

Leave a Reply

Your email address will not be published. Required fields are marked *