<ul><li>Mandiant observed an increase in phishing attacks targeting U.S.-based universities since August 2024.</li><li>A long-term phishing campaign with shared filenames targeted educational institution users since at least October 2022.</li><li>These attacks exploit trust within academic institutions during critical academic calendar dates.</li><li>Three distinct phishing campaigns have emerged to take advantage of these factors.</li><li>Campaigns involved phishing via Google Forms, scraping university login pages, and redirecting payments.</li><li>Phishing methods included requests for login credentials, financial information, and urgent responses.</li><li>Google Forms and website cloning were used in phishing campaigns to obtain sensitive information.</li><li>Payment redirection attacks involved gaining unauthorized access to redirect funds into attackers' accounts.</li><li>The impact of a successful payment redirection attack includes financial losses, reputational damage, and operational disruption.</li><li>Mitigation strategies include MFA, employee training, payment verification protocols, and incident response planning.</li></ul>

Phishing Campaigns Targeting Higher Education Institutions

Discover more