During the week of January 9, 2017, malicious hackers conducted phishing attacks from multiple school district employees’ email accounts.
Hackers gained unauthorized access to work-related email accounts belonging to employees of multiple school districts, presumably by having the login name and password of the email account.
The hackers used the employees’ email accounts to send phishing emails to people with whom the employee had previous email contact. The message included instructions to click on a link to open a website. The website directs the email recipient to enter account credentials (email address / user name / password / phone number).
The hackers are also monitoring the victims’ email accounts and are responding to replies from recipients of the phishing email confirming the original request to click on the website link. In some cases, the hackers used the employees’ email signature to make the message appear more authentic. Continue reading