Known Malicious Entities Targeting School Districts
Collaborating with our members, we compiled a list of malicious entities, including domains, accounts, addresses, and other indicators associated with recent phishing attacks. We encourage districts to share this list with IT or information security staff. They can block traffic or inbound correspondence attempts from malicious entities and reduce the likelihood of compromise. Because attacks are increasing and constantly evolving, we will update this list as we have new information.
Domains and email accounts
Fraudulent phone numbers
Other fraudulent accounts
WhatsApp account purporting to belong to the Fund TASBRMF@tasbrmf.org
Malicious IP addresses
Districts are encouraged to block inbound contact from all overseas IP addresses.
Social Engineering Pretexts
- Calls purporting to sell sponsorships or request financial donations on behalf of school districts
- Fraudsters targeting districts with ongoing construction to solicit fraudulent payments
- Requests to reconfirm your account password
Email subject lines