Education Sector Facing Disproportionate Level of Spear-Phishing Attacks

Education Sector Facing Disproportionate Level of Spear-Phishing Attacks

Educational institutions are being disproportionately targeted by spear-phishing attacks, according to a new study by Barracuda Networks.



The security firm’s latest Threat Spotlight analysis found that in the period from June to September 2020, over 1000 schools, colleges and universities faced more than 3.5 million spear-phishing attacks.



More than a quarter of these were business email compromise (BEC) attacks, a method which is over twice as likely to be used against educational institutions compared with an average organization across all sectors.



More than four in 10 (41%) of all attacks targeting education were spear-phishing, according to the analysis, with 28% scamming attempts and 3% related to extortion.



Spear-phishing attacks dropped off in July and August when schools were closed, and were at their highest in June and September: 11% and 13% higher than average, respectively.



Cyber-criminals increasingly used the topic of COVID-19 as a lure for these phishing attacks, with subject headings including ‘COVID19 NEW UPDATES’; ‘Covid-19 Update Follow Up Right Now’; ‘COVID-19 SCHOOL MEETING’ and ‘Re: Stay Safe’.



Barracuda also highlighted examples the potentially devastating costs of these types of attacks, including the Manor Independent School District in Texas reporting that a seemingly normal school-vendor transaction resulted in a loss of $2.3 million.



Michael Flouton, VP email protection for Barracuda Networks, commented: “Cyber-attackers have come to understand that education institutions don’t often have the same level of security sophistication as in other organizations, and therefore, they will send carefully crafted email messages designed to trick unknowing and untrained victims into leaking personal or confidential informati ..

Support the originator by clicking the read the rest link below.