Oct 28 / Admin

New Scam Alert: Hijacking Student Accounts to Launch BEC-Style Attacks

Avanan reported: 

In this attack, hackers are compromising student accounts to launch broader BEC and credential harvesting attacks. 

  • Vector: Email
  • Type: BEC, Credential Harvesting
  • Techniques: Account
  • TakeoverTarget: Any end-user

This email is sent from a legitimate university account. The email uses standard social engineering to convey a sense of urgency–messages have been blocked, and the only way to release them is to click on this link. In this case, 11 emails are waiting to be reviewed. 

In this case, this same compromised account sent out numerous messages to a variety of organizations.

When hovering over the “Release messages” button, the URL first points to a Buy Now, Pay Later service called Tabby. However, look a little further down the URL string, and you’ll see a redirect to a different site. That leads to a credential harvesting site.

Find out more with the original article here.

Enroll in Training Sessions:  Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
* indicates required