Multi-Factor Authentication (MFA) phishing campaigns targeting teachers, staff, and executive administrators in large school districts throughout the United States have continued to be on the rise since December 2023. The attacks use dadsec and phishingkit Phishing-as-a-Service (PhaaS) platforms, which include a number of stealthy features, with the purpose of compromising key administrator email accounts and ultimately delivering ransomware.

Download the report now to learn more:

• It has becoming increasingly easy for adversaries to bypass MFA controls and customize highly targeted phishing attacks.
• The modern attack environment leaves organizations
  vulnerable without additional protections.
• Invest in extra and, if needed, tailored awareness efforts for high priority staff with sensitive accesses. 
• Implement additional proactive AI-driven protections at the browser layer and email layer to protect users from stealthy phishing tactics.