More than 1,000 schools, colleges and universities internationally have been targeted by over 3.5 million 'spear-phishing' attacks from June through to September, attempting to catch out staff as they try to continue running their establishments during the pandemic.
Spear-phishing is a personalised phishing attack that targets a specific organisation or individual. A recent example was at Lancaster University where students’ confidential data was accessed after a successful attack.
Cloud network security firm Barracuda Networks highlighted the problem faced by educational establishments in its latest Threat Spotlight report.
When breaking down the types of spear-phishing attacks facing schools and universities, Barracuda researchers found that educational institutions are more than twice as likely to be targeted by a business email compromise (BEC) attack than an average organisation. More than one in four spear-phishing attacks that targeted the education sector was a carefully crafted BEC attack.
Predictably, there was a drop-off in spear-phishing attacks against the education sector in July and August when schools were closed for the summer break. But June and September, which are usually the last and first months of the academic year, saw a surge in such attacks: 11 per cent higher than the average in June and 13 per cent higher in September.
In light of COVID-19, Barracuda also logged an increasing number of email spear-phishing attacks using topical subject headings to grab victims’ attention. These included ‘COVID-19 NEW UPDATES’, ‘Covid-19 Update Follow Up Right Now’, ‘COVID-19 SCHOOL MEETING’ and ‘Re: Stay Safe’.
Michael Flouton, vice president for email protection for Barracuda Networks, said: “Cyber attackers have come to understand that education institutions don’t often have the same level of security sophistication as in other organisations.
“Therefore, they will send carefully crafted email messages designed to trick unknowing and untrained victims into leaking personal or confidential information, such as login credentials, student records or payment information.”