Kaspersky warns of phishing wave against universities.
Kaspersky has uncovered a surge in phishing attacks aimed at universities worldwide as the new academic year begins.
Cyber-criminals are creating fake login portals that closely replicate official university websites, tricking students and professors into handing over their credentials. Links to these fraudulent sites are being distributed through phishing emails or appearing in search results for university login pages.
The campaign has been detected across Asia, Europe, and Latin America, with examples in countries such as India, Thailand, Germany, and Colombia. Once attackers gain access, they can lock victims out of their accounts, steal sensitive data including academic records and financial details, and even use compromised accounts to spread phishing messages further within university networks.
“Colleges and universities are vulnerable due to their reliance on digital platforms and the high volume of users during the back-to-school rush,” said Olga Altukhova, senior web content analyst at Kaspersky.
“These fake login portals can appear convincing, exploiting the trust students and professors place in their university systems. We urge the academic community to stay vigilant and always double check the web addresses of their institution’s login pages.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
