Phishing Campaign Targets ED Grant Portal
Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal. Multiple lookalike domains have been observed hosting phishing kits or cloned login portals in an attempt to harvest login credentials from legitimate users, the company explained.
"These domains attempt to clone or imitate the official G5.gov interface and may be targeting education professionals, grant administrators, or vendors tied to the U.S. Department of Education," BforeAI reported, adding, "This activity is particularly alarming given the recent Trump Administration announcement of 1,400 layoffs at the Department of Education, which may create confusion and an opportunity for social engineering."
BforeAI noted that credentials stolen through this campaign could allow attackers to access sensitive grant award data, change payment instructions, or impersonate recipients for fraud, among other potential impacts. Users are advised to avoid clicking on links from unknown sources, always verify URLs, and report suspicious e-mails or domains to their organization's cybersecurity team or to [email protected].
For more information, visit the BforeAI site.
About the Author
Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].