No-Code Phishing Lure Targets Universities

Threat actors employ a no-code platform to harvest credentials.


What is the attack?

  • A phishing attack originating from a compromised account was used to target members of an educational institution. The email, disguised as a legitimate university notice, linked victims to a phishing form built on the no-code platform Jodoo.com, designed to collect sensitive information including usernames and passwords. The goal was credential harvesting for follow-up Account Takeover activity.

Why did it get through?

  • Verified Source: Email sent from a domain passing sender authentication checks.

  • Benign Content: The lure relied on plain text and a simple hyperlink with the name of the targeted organisation.

  • Legitimate Hosting: The phishing form was hosted on Jodoo.com, a legitimate platform, helping it evade link reputation checks.

What is required to solve for this attack?

  • Behavioral Analysis: Abnormal’s Behavioral AI flags never-before-seen senders, unusual email content, and URLs as anomalies that enable the detection of novel attacks.

  • Content Analysis and Natural Language Processing: Abnormal understands the email's content, recognizing the urgency and financial implications as indicators of a financial-themed attack.
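
The three evasion factors above can each be turned into a signal a mail pipeline can check. The sketch below is an added example, not Abnormal's detection logic: it flags a sender that authenticates but has never been seen before, a link to a hosted form builder, and a link whose text names the organisation while its host lies outside the organisation's domains. The sample message, `example.edu`, the sender address, the function names and the reading of "passing sender authentication" as `dmarc=pass` are all assumptions.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

FORM_HOSTS = {"jodoo.com"}  # host named on the page; extend with other form builders

class LinkParser(HTMLParser):  # collects (href, visible text) pairs from an HTML body
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_in(host, domains):
    return any(host == d or host.endswith("." + d) for d in domains)

def signals(raw, known_senders, org_name, org_domains):
    """Signal names for one raw message; 'authenticated' is assumed to mean dmarc=pass."""
    msg = message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0].addr_spec.lower()
    found, parser = set(), LinkParser()
    if "dmarc=pass" in str(msg["Authentication-Results"]).lower() and sender not in known_senders:
        found.add("authenticated_but_first_seen_sender")
    body = msg.get_body(preferencelist=("html",))
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        host = (urlparse(href).hostname or "").lower()
        if host_in(host, FORM_HOSTS):
            found.add("link_to_hosted_form_builder")
        if org_name.lower() in text.lower() and not host_in(host, org_domains):
            found.add("org_named_link_leaves_org_domain")
    return found

# Constructed sample message (not taken from the incident); the URL path is a placeholder.
SAMPLE = """\
From: IT Notices <staff@partner.example.org>
Authentication-Results: mx.example.edu; spf=pass; dkim=pass; dmarc=pass
Content-Type: text/html; charset="utf-8"

<p>Please review: <a href="https://www.jodoo.com/f/PLACEHOLDER">Example University</a></p>
"""
```

None of these signals is conclusive alone, since legitimate mail also links to hosted forms; they are inputs to be combined with sender history, as the behavioral approach above describes.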