Skip to main content
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
Sections
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community

Information Technology Services Warns of Sophisticated Phishing Attacks Impersonating Trusted Sources

Tuesday, January 7, 2025, By Eric Ferguson
Share
facultyInformation Technology ServicesstaffStudents

The Information Security team within Information Technology Services has detected an increase in sophisticated phishing attacks targeting the University community. These phishing emails look real and often originate from compromised accounts at other universities. Attackers exploit recipients’ trust and use convincing tactics to steal account credentials.

Here is how these attacks typically work and how you can protect yourself.

How The Attacks Work

  • Spoofed emails: Attackers send emails that seem to originate from trusted peers or partners at other universities.
  • Fake document links: The emails contain links you are expected to click on. Recent attacks have used the pretext that a document that needs to be shared is encrypted and, in order to decrypt it, you must log in to the link.
  • Fraudulent validation: If recipients email the sender for confirmation because they are suspicious, attackers respond with reassuring but fake replies.
  • Credential theft: Trusting the response, recipients enter their credentials into a counterfeit Microsoft login page at the other end of the link.
  • MFA exploitation: The attackers harvest the credentials and use them to trigger a legitimate Microsoft multi-factor authentication (MFA) request, which victims will see in the Microsoft Authenticator app. Bad actors email their victims the two-digit code to enter into the app. If the victim enters it, the bad actors gain complete access to their accounts. If the victims use SMS as their MFA method, the bad actors will send an email trying to get the victim to send them the provided code.
  • Account misuse: Attackers use compromised accounts to attempt changes to payroll direct deposit information and/or to launch further attacks from the victim’s email account.

Protect Yourself

  • Be cautious of unexpected emails: Avoid clicking on links or providing information unless you are certain of the sender’s legitimacy.
  • Validate by phone, not email: If you suspect a phishing attempt, verify directly by calling the sender. Never rely on email validation for suspicious requests.
  • Beware of fraudulent MFA prompts: Be cautious of unusual MFA prompts or requests. Never enter codes from unknown sources. Microsoft MFA will never send the two-digit code via email. Any email claiming to provide such a code is fraudulent. If you use SMS as an MFA method, nobody will ever ask you for the code via text or email.
  • Report phishing attempts immediately: You can use Outlook’s “Report Message” feature to flag suspicious emails.

Stay alert and reach out to the IT Security team (infosec@syr.edu) with any questions or concerns. Your vigilance is vital to keeping our community safe.

  • Author

Eric Ferguson

  • Recent
  • Syracuse Stage Hosts Inaugural Julie Lutz New Play Festival
    Wednesday, May 28, 2025, By News Staff
  • Timur Hammond’s ‘Placing Islam’ Receives Journal’s Honorable Mention
    Tuesday, May 27, 2025, By News Staff
  • Expert Available to Discuss DOD Acceptance of Qatari Jet
    Thursday, May 22, 2025, By Vanessa Marquette
  • Syracuse University 2025-26 Budget to Include Significant Expansion of Student Financial Aid
    Wednesday, May 21, 2025, By News Staff
  • Light Work Opens New Exhibitions
    Wednesday, May 21, 2025, By News Staff

More In Campus & Community

Michael J. Bunker Appointed Associate Vice President and Chief of Campus Safety and Emergency Management Services

Syracuse University today announced the appointment of Michael J. Bunker as the new associate vice president and chief of Campus Safety and Emergency Management Services following a national search. Bunker will begin his new role on July 1, 2025. He…

Syracuse University, Lockerbie Academy Reimagine Partnership, Strengthen Bond

Syracuse University and Lockerbie Academy are renewing and strengthening their longstanding partnership through a reimagined initiative that will bring Lockerbie students to Syracuse for a full academic year. This enhanced program deepens the bond between the two communities, forged in…

Syracuse University 2025-26 Budget to Include Significant Expansion of Student Financial Aid

Syracuse University today announced a major investment in student financial support as part of its 2025-26 budget, allocating more than $391 million to financial aid, scholarships, grants and related assistance. This represents a 7% increase over last year and reflects…

Engaged Humanities Network Community Showcase Spotlights Collaborative Work

The positive impact of community-engaged research was on full display at the Community Folk Art Center (CFAC) on May 2. CFAC’s galleries showcased a wide array of projects, including work by the Data Warriors, whose scholars, which include local students…

Students Engaged in Research and Assessment

Loretta Awuku, Sylvia Page and Johnson Akano—three graduate students pursuing linguistic studies master’s degrees from the College of Arts and Sciences—spent the past year researching and contributing to assessment and curricular development processes. The research team’s project, Peer-to-Peer Student Outreach…

Subscribe to SU Today

If you need help with your subscription, contact sunews@syr.edu.

Connect With Us

  • X
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
Social Media Directory

For the Media

Find an Expert Follow @SyracuseUNews
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
  • @SyracuseU
  • @SyracuseUNews
  • Social Media Directory
  • Accessibility
  • Privacy
  • Campus Status
  • Syracuse.edu
© 2025 Syracuse University News. All Rights Reserved.