AI-Driven Phishing Hits K-12
AI is supercharging phishing attacks, bypassing email filters and landing directly in inboxes. Attackers are also abusing Microsoft's OAuth Device Code flow to hijack Microsoft 365 accounts, even with MFA enabled. Plus, they're exploiting Cloudflare's security features to shield malicious sites, making it harder for solo IT teams to keep up.
AI is making phishing attacks in K-12 more convincing by using real details from school websites and public communications to impersonate staff. Attackers are leveraging AI's open-source intelligence capabilities to personalize these "spear phishing" attempts on a massive scale. This exploits the culture of trust and openness inherent in educational environments.

The Microsoft OAuth Device Code flow, intended for devices with limited input like smart TVs, is being abused to gain access to Microsoft 365 accounts. Attackers trick users into entering codes on a legitimate Microsoft page, granting access tokens without needing passwords, even with MFA enabled. These attacks are hard to detect because they occur on genuine Microsoft domains using encrypted traffic.

To bypass Cloudflare's security, hackers are exploiting misconfigurations and identifying the real IP addresses of cloud targets. They also use techniques like TLS fingerprinting and smart proxy rotation to evade detection. Some attackers are even using AI to create polymorphic malware that changes its code to evade antivirus software.
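
Because the device code sign-in described above happens on genuine Microsoft pages, the tenant's own sign-in log is where a defender can see it. The following is an added example, not from the original article: it flags successful device-code sign-ins by accounts not expected to use the flow. It assumes newline-delimited JSON exports whose field names follow the Microsoft Graph sign-in log schema; the allow list, users, IPs and timestamps are constructed.

```python
import json

# Constructed sample sign-in records (one JSON object per line). Field names follow
# the Microsoft Graph sign-in log schema; all users, IPs and times are made up.
SAMPLE_LOG = """\
{"createdDateTime":"2025-03-03T14:02:11Z","userPrincipalName":"teacher1@district.example","ipAddress":"198.51.100.20","authenticationProtocol":"none","status":{"errorCode":0}}
{"createdDateTime":"2025-03-03T14:40:05Z","userPrincipalName":"teacher1@district.example","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2025-03-03T15:00:00Z","userPrincipalName":"signage@district.example","ipAddress":"198.51.100.21","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2025-03-03T15:10:00Z","userPrincipalName":"teacher2@district.example","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","status":{"errorCode":1}}
{"createdDateTime":"2025-03-03T15:20:00Z","userPrincipalName":"teacher3@district.example","ipAddress":"198.51.100.30","authenticationProtocol":"none","status":{"errorCode":0}}
{"createdDateTime":"2025-03-03T15:45:00Z","userPrincipalName":"Teacher3@district.example","ipAddress":"198.51.100.30","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
"""

# Assumption: accounts expected to use device code sign-in (shared displays, kiosks).
ALLOWED_DEVICE_CODE_USERS = {"signage@district.example"}


def load_records(text):
    """Parse newline-delimited JSON, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def flag_device_code_signins(records, allowed=ALLOWED_DEVICE_CODE_USERS):
    """Return successful device-code sign-ins by accounts not on the allow list.

    Each finding carries new_ip=True when the source IP was not seen in an
    earlier successful non-device-code sign-in by the same user.
    """
    seen_ips = {}  # user -> IPs from earlier successful ordinary sign-ins
    findings = []
    for rec in sorted(records, key=lambda r: r["createdDateTime"]):
        user = rec["userPrincipalName"].lower()
        succeeded = rec.get("status", {}).get("errorCode") == 0  # non-zero = failure
        if rec.get("authenticationProtocol") == "deviceCode":
            if succeeded and user not in allowed:
                findings.append({
                    "time": rec["createdDateTime"],
                    "user": user,
                    "ip": rec["ipAddress"],
                    "new_ip": rec["ipAddress"] not in seen_ips.get(user, set()),
                })
        elif succeeded:
            seen_ips.setdefault(user, set()).add(rec["ipAddress"])
    return findings


if __name__ == "__main__":
    for finding in flag_device_code_signins(load_records(SAMPLE_LOG)):
        print(finding)
```

A finding with `new_ip` set on an account that has no reason to use the flow is the one to triage first.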