Cybercriminals, dubbed “payroll pirates,” are exploiting phishing campaigns to hijack employee payroll accounts at U.S. universities, aiming to divert salary payments. Microsoft observed their use of sophisticated tactics like email rule manipulation and MFA hijacking, highlighting the threat’s severity across multiple institutions. #Storm-2657 #Workday #BusinessEmailCompromise
Keypoints
- Cybercriminals target university payroll systems through phishing emails to redirect salary payments.
- Hackers utilize malicious links, MFA hijacking, and inbox rules to maintain access and avoid detection.
- The campaign themes often involve COVID-19 reports or administrative misconduct, making phishing messages more convincing.
- The attack is a variation of business email compromise, which led to over $2 billion in losses in 2024.
- Experts recommend enabling phishing-resistant MFA methods and additional security measures for sensitive transactions.
Read More: https://therecord.media/universities-phishing-payroll-pirates