Chancellor Kent Syverud | Syracuse University
The Information Security team within Information Technology Services has reported a rise in sophisticated phishing attacks targeting the University community. These attacks are designed to appear authentic, often originating from compromised accounts at other universities, and aim to exploit recipients' trust to steal account credentials.
According to the team, attackers employ several tactics. They send spoofed emails that seem to come from trusted peers or partners at other institutions. These emails contain links under the pretext of sharing encrypted documents, requiring recipients to log in for decryption. If a suspicious recipient asks for confirmation by email, the attackers respond with reassuring but fake replies.
Once trust is established, victims enter their credentials into a counterfeit Microsoft login page linked in the email. Attackers then harvest these credentials and use them to trigger legitimate Microsoft multi-factor authentication (MFA) requests. Victims receive a two-digit code through the Microsoft Authenticator app or SMS and are tricked into entering it, granting attackers full access to their accounts.
Attackers use compromised accounts to make unauthorized changes to payroll direct deposit information or to launch further attacks from the victim's email account.
To protect against these threats, individuals are advised to be cautious of unexpected emails and validate suspicious requests by phone rather than email. It's important not to enter codes from unknown sources as part of MFA prompts; Microsoft will never send such codes via email. Suspicious emails should be reported using Outlook’s “Report Message” feature.
The IT Security team encourages vigilance and invites anyone with questions or concerns to reach out via infosec@syr.edu.