The socially engineered campaign used a legitimate domain to send phishing emails to large swaths of university targets.