Department of Education site mimicked in phishing scheme

Hackers are spoofing a US government website in an effort to steal sensitive credentials from educators.

Threat researchers at BforeAI’s PreCrime Labs recently detailed a phishing campaign involving the US Department of Education’s (DoE) G5 grant management and federal funding portal. As the G5 system is used to draw down funds for a wide range of grants, including certain types of student aid, a wide range of entities use this system, such as schools, state agencies, nonprofits, and other institutions.

BforeAI said threat actors have published multiple domains mimicking the G5 home page and login portal in an effort to harvest credentials from education professionals, grant administrators, and relevant vendors. These credentials could then be used to access sensitive grant award data, impersonate recipients, change payment instructions, aid other spear-phishing campaigns, and more.

Read more at Dark Reading