Hackers apparently are taking advantage of poorly secured systems at private schools in the U.K., nicking identifying data, typically through phishing attacks, that they could then use to target parents with fake invoices and other means of cybercrime.
The Information Commissioner’s Office noted a case of a private school attack, and the Independent Schools’ Bursars Association’s chief executive said that cyberattacks have graduated from being an “isolated incident” to a serious concern, with fraudsters likely being “one step ahead,” according to a report in the Telegraph.
The report also cited Cyber|Decider’s Neil Hare-Brown as saying that six private schools filed insurance claims in the last two-and-a-half months as a result of cyberattacks.
“By targeting organizations such as schools, which are (quite understandably) more likely to be interested in spending on education than cybersecurity, fraudsters have identified a lucrative industry, with parents guaranteed to have disposable income they can engineer into their own hands,” said Ryan Wilk, vice president at NuData Security. “This warning should make private schools sit up and take notice of the threat cybercrime and fraud present, and the damage this kind of scam could do to their reputation. Equally, parents of private school pupils should remain extra vigilant to any emails allegedly coming from the school, and should doublecheck with the institution before making any kind of payment.”