The back-to-school season is traditionally a profitable time for fraudsters, as millions of students around the world prepare to pay tuition fees, or buy school supplies and new books. With universities increasingly concerned about the cybersecurity of their networks, attackers find ways to breach these systems, targeting inattentive students, staff, and faculty. Kaspersky experts highlight the intensification of phishing campaigns with fraudsters exploiting the names of the world's biggest universities. University-specific phishing pages are generally well-crafted and mimic official university pages or online learning management systems. When users visit fake pages, they are tricked into sharing personal information such as account credentials, IP addresses or location data. The importance of securing university business accounts is often underestimated when it comes to protecting organizations' data. Famous names of educational institutions, some with critical research centers operating in various fields from political economy to nuclear physics, are used as bait to distribute phishing pages.And with governments and large companies frequently buying research studies from these universities, this makes the sensitive data they hold extremely valuable to attackers. By accessing student or employee accounts, the attacker can access his victims' personal information, but also their educational plans, payment information and class schedules. This carries the risks of transitioning from online threats to real-life stalking and abuse
“With education becoming more digitized it is a beneficial change. Not only do learning management systems enable students to maximize their academic progress in the most efficient way, but more people around the world have the opportunity to learn from the best professors at the biggest universities. This also broadens the spectrum of threats that students face. Scammers are luring students into giving up their personal credentials to access data that contains not only unique knowledge, but also private and potentially compromising information.” Olga Svistunova, security expert at Kaspersky
Kaspersky recommends the following measures to safeguard systems and young people against education fraud:
- It will be safe to check the link before clicking. Hover your cursor over it to view the URL, and look for misspellings or other irregularities
- Enter somehow two-factor authentication for information systems, especially web-based ones, and particularly for accessing student records, grades and assessments. Set strong and adequate access controls so that it is not easy for a hacker to move laterally through the system.
- On campus, have two separate and secure wireless networks, one for staff and one for students, and one for visitors if necessary.
- Introduce and enforce a strong personnel password policy and encourage everyone to keep their login credentials confidential at all times. Never use the same password for multiple websites or services, because if one is stolen, all your accounts are at risk. To create strong, hack-proof passwords without having to struggle to remember them, use password managers such as Kaspersky Password Manager.
Use a reliable security solution for comprehensive protection against a wide range of threats, such as Kaspersky Endpoint Security for Business Follow all the technological news on TecheNet throughTelegram or WhatsApp ). All the news in real time and without delays! Other interesting articles:
