FAFSA Phishing
New US Federal Student Aid Warning
August 8th, 2021
By Dominic Alvieri
Back to school is a stressful time for most. More so with sky-high tuition costs and financing those rising costs. FAFSA is an office of the Department of Education and assists in Federal Student Aid.
FAFSA is under a phishing warning. Several new malicious fake FAFSA login sites have appeared.
 |
Warnings are great but what if you don't get one?
New phishing site fafsa-login[.]net
The site first redirects users to a "VPN Update" below.
Then take immediate action...
Further research showed that the redirects cycled through a registry and not every visit reached the same site or payload. No zero-click danger here and interaction is required as is the case in most malicious takeovers and malware applications via malspam.
Other detailing information about you or your device?
Another fake FAFSA appeared last night:
fafsalogin[.]net
Interaction required again. The biggest fear is that one day one of these cyber criminals will be able to construct a zero click for one of these sites. A viral video would go far to spread the malicious activity.
Any warnings for others that may be springing up? The new registration below is inactive but potentially dangerous. NameCheap has done a great job in suspending malicious registered domain activity.
The official FAFSA website is fafsa.gov
Stay safe.
The Cyber Show
by Dominic Alvieri
Twitter @AlvieriD
Not on Facebook
No comments:
Post a Comment