KnowBe4’s Phish-Alert tool picks up spoofed campus-wide phishing attempt in Florida targeting a community college with a fake active shooter alert
KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, caught a suspicious email reported through its Phish Alert tool and sent a scam alert to its platform users. This particular phish spoofs a campus-wide security alert for a community college in Florida (identifying information redacted). If there is any saving grace in this phish, it lies in the awkward choice of language (“an emergency scare”), which should tip off most users that something is not right with this email. Those for whom English is a second language might not pick up on that, though, and students whose native language is not English are common on college campuses.
According to KnowBe4 CEO Stu Sjouwerman, “Given that it appears to be tailored to a particular educational institution and its students and employees, it’s a good bet that other educational institutions could see similarly targeted phishing attacks. From there, the campaign will move to other targets. It’s worth noting that institutions of higher education are at higher risk for phishing attacks generally, as well as ransomware attacks.”
This social engineering scheme could easily be used against any school system, state or local government, or large private corporation (e.g., after the recent mass shooting at YouTube headquarters), or against any organization that is likely to have established active shooter protocols and training in place.
Sjouwerman noted, “What makes this particular attack so infuriating is that it exploits current concerns over active shooters on education campuses — a sensitive issue that could likely generate panicked, reflexive clicks from recipients who are already on edge over the recent shooting at Marjory Stoneman Douglas High School — also in Florida.”
KnowBe4 has seen several variations on this scam with the following subject lines:
- “IT DESK: Security Alert Reported on Campus”
- “IT DESK: Campus Emergency Scare”
- “IT DESK: Security Concern on Campus Earlier”
All three contain embedded links that lead to credential phishes spoofing Microsoft, a large IT presence on campuses.
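The traits listed above (the “IT DESK” subject lines, an internal-sounding display name on an external sender, and links to a Microsoft-lookalike sign-in page) are enough to write a first-pass triage check for emails reported through a phish-alert button. The script below is an added example and is not KnowBe4’s code or part of its product; the Microsoft login allowlist, the brand-string lookalike heuristic, the `college.example` organization domain and both sample messages are assumptions constructed for the demonstration.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Subject lines the campaign was seen using (quoted from the alert above).
REPORTED_SUBJECTS = {
    "IT DESK: Security Alert Reported on Campus",
    "IT DESK: Campus Emergency Scare",
    "IT DESK: Security Concern on Campus Earlier",
}

# Looser pattern so near-variants with the same "IT DESK" / campus-emergency
# theme are also flagged (assumed heuristic, not a KnowBe4 rule).
SUBJECT_THEME = re.compile(
    r"^\s*IT DESK:.*\b(campus|security|emergency|shooter|alert)\b", re.IGNORECASE
)

# Hosts where a genuine Microsoft sign-in page lives (assumed allowlist;
# a real deployment would add the tenant's own SSO hosts).
MICROSOFT_LOGIN_HOSTS = {
    "login.microsoftonline.com",
    "login.live.com",
    "login.microsoft.com",
}

# Brand strings whose presence in a hostname outside the allowlist suggests
# a lookalike domain (assumed heuristic).
MICROSOFT_BRANDS = ("microsoft", "office", "outlook", "onedrive")

URL_RE = re.compile(r"""https?://[^\s"'<>]+""", re.IGNORECASE)


def _in_domain(host, domain):
    """True if host is domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def extract_urls(msg):
    """Collect every http(s) URL from the text and HTML parts of a message."""
    urls = set()
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            urls.update(URL_RE.findall(part.get_content()))
    return sorted(urls)


def triage(raw_eml, org_domain):
    """Score one raw RFC 5322 message against the campaign's traits.

    Returns {"verdict": "suspicious" | "clean", "findings": [...]}.
    """
    msg = email.message_from_string(raw_eml, policy=policy.default)
    findings = []

    # 1. Subject: exact match on a reported line, else the broader theme.
    subject = str(msg.get("Subject", "")).strip()
    if subject in REPORTED_SUBJECTS:
        findings.append("subject matches a reported campaign subject line")
    elif SUBJECT_THEME.search(subject):
        findings.append("subject matches the IT DESK campus-emergency theme")

    # 2. Sender: an "IT DESK" display name should come from the org's own domain.
    display_name, sender = parseaddr(str(msg.get("From", "")))
    sender_domain = sender.rsplit("@", 1)[-1].lower() if "@" in sender else ""
    if "it desk" in display_name.lower() and not _in_domain(sender_domain, org_domain):
        findings.append(
            f"display name '{display_name}' impersonates internal IT "
            f"but sender domain is {sender_domain}"
        )

    # 3. Links: anything outside the org and the Microsoft allowlist is flagged,
    #    with a stronger finding when the host merely looks like Microsoft.
    for url in extract_urls(msg):
        host = (urlparse(url).hostname or "").lower()
        if not host or _in_domain(host, org_domain) or host in MICROSOFT_LOGIN_HOSTS:
            continue
        if any(brand in host for brand in MICROSOFT_BRANDS):
            findings.append(f"Microsoft lookalike domain in link: {host}")
        else:
            findings.append(f"link to external host: {host}")

    return {"verdict": "suspicious" if findings else "clean", "findings": findings}


# Constructed sample messages (not the real campaign emails).
SAMPLE_PHISH = """\
From: IT DESK <helpdesk@example-mailer.invalid>
To: student@college.example
Subject: IT DESK: Campus Emergency Scare
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Due to an emergency scare on campus earlier today, all students and staff
must review the security notice by signing in with your campus account.</p>
<p><a href="https://login.microsoft0nline.example/common/oauth2">Review notice</a></p>
</body></html>
"""

SAMPLE_LEGIT = """\
From: Campus Safety <safety@college.example>
To: student@college.example
Subject: Campus Safety Drill Schedule
Content-Type: text/plain; charset="utf-8"

The fall emergency drill schedule is posted at https://safety.college.example/drills
"""

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        result = triage(raw, "college.example")
        print(name, result["verdict"])
        for finding in result["findings"]:
            print("  -", finding)
```

Run as-is, the phishing sample produces three findings (reported subject line, impersonating display name, lookalike link host) and the drill notice produces none. The point of splitting the checks is that each one survives a change the attacker is likely to make: a new subject line still trips the display-name and link checks, and a legitimately named internal sender still trips the link check if the sign-in URL is not on the allowlist.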
KnowBe4 advises its customers to “Think before you click” and look for any red flags related to a phishing scam. The company offers the no-charge Phish Alert Button for organizations to deploy to users, giving them an easy way to report suspicious emails to their security team for analysis.
KnowBe4 recommends that IT staff and customers alike DO NOT create a simulated phishing template of this type: it carries a high “runaway risk,” meaning recipients may forward the simulated attack to authorities or the police, or call 911, causing further escalation, downtime and possible harm. Organizations should instead stick with messaging, PSAs, banners, posters and other awareness training methods.
KnowBe4, the provider of the world’s most popular integrated new-school security awareness training and simulated phishing platform, is used by more than 17,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s training based on his well-documented social engineering tactics. Thousands of organizations trust KnowBe4 to mobilize their end-users as the last line of corporate IT defense.
KnowBe4 is #231 on the 2017 Inc. 500 list, #70 on the 2017 Deloitte Technology Fast 500 and #6 on the Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida, with European offices in England and the Netherlands.