ED Grant Portal Target of Phishing Campaign

Threat researchers at BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal. Multiple lookalike domains have been observed hosting phishing kits or cloned login portals in an attempt to harvest login credentials from legitimate users, the cybersecurity company explained.

"These domains attempt to clone or imitate the official G5.gov interface and may be targeting education professionals, grant administrators, or vendors tied to the U.S. Department of Education," BforeAI reported, adding, "This activity is particularly alarming given the recent Trump Administration announcement of 1,400 layoffs at the Department of Education, which may create confusion and an opportunity for social engineering."

BforeAI noted that credentials stolen through this campaign could allow attackers to access sensitive grant award data, change payment instructions, or impersonate recipients for fraud, among other potential impacts. Users are advised to avoid clicking on links from unknown sources, always verify URLs, and report suspicious e-mails or domains to their organization's cybersecurity team or to [email protected].

For more information, go to the BforeAI site.

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • Stylized illustration showing cybersecurity elements like shields, padlocks, and secure cloud icons on a neutral, minimalist digital background

    Microsoft Announces Host of Security Advancements

    Microsoft has announced major cybersecurity advancements across its product portfolio and practices. The work is part of its Secure Future Initiative (SFI), a multiyear cybersecurity transformation the company calls the largest engineering project in company history.

  • shield with an AI microchip emblem hovering above stacks of gold coins

    Report: AI Security Spend Surges While Traditional Security Budgets Shrink

    A new report from global cybersecurity company Thales reveals that while enterprises are pouring resources into AI-specific protections, only 8% are encrypting the majority of their sensitive cloud data — leaving critical assets exposed even as AI-driven threats escalate and traditional security budgets shrink.

  • laptop on a clean desk with digital padlock icon on the screen

    Data Privacy a Top Concern as Orgs Scale Up AI Agents

    As organizations race to integrate AI agents into their cloud operations and workflows, they face a crucial reality: while enthusiasm is high, major adoption barriers remain, according to a new Cloudera report. Chief among them is the challenge of safeguarding sensitive data.

  • charts and graphs over a softly blurred academic-style background

    New Jersey School District Taps Otus, Discovery Education for Data Insights

    West Windsor-Plainsboro Regional School District in Central New Jersey has partnered with assessment and data platform Otus and ed tech company Discovery Education to better utilize data to support student achievement.