The FBI is warning the U.S. higher education sector about compromised sensitive credentials and network access information advertised for sale across various public and Dark Web forums. The agency states that this access to credentials could potentially lead to a cyberattack.
The FBI’s Cyber Division sent a “private industry alert” to organizations around the U.S. on Thursday warning that threat actors are continuing to attack US colleges and universities leading to the exposure of user information on these underground forums.
“This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyberattacks against individual users or affiliated organizations,” the bureau says. “Credential harvesting against an organization is often a byproduct of spear-phishing, ransomware, or other cyber intrusion tactics.”
Using an example from 2017, the bureau says that the cybercriminals targeted universities to hack .edu accounts by “cloning university login pages and embedding a credential harvester link in phishing emails.”
The FBI says this helped them harvest credentials and send them to cybercriminals in an automated email from their server.
“Such tactics have continued to prevail and ramped up with COVID-themed phishing attacks to steal university login credentials, according to