The back-to-school season traditionally corresponds to an ideal time for scammers. During this period, millions of students around the world prepare to pay tuition or buy school supplies and new books. At a time when there is more concern about the cybersecurity of university networks, attackers are looking for ways to breach these systems by targeting careless students, staff and teachers. Kaspersky experts draw attention to intensified phishing campaigns, in which scammers exploit the names of the world’s largest universities.

Phishing pages specific to universities often imitate official university websites or online student management systems. When users visit the deceptive page, personal information such as login credentials, IP addresses, or location data falls into the hands of attackers.

The importance of corporate account security in universities is overshadowed by the importance of data owned by organizations. That is why the names of famous educational institutions with critical research centers operating in fields ranging from economics to nuclear physics are used as a lure to form the basis for phishing pages. Governments and large corporations that buy research work from universities make this sensitive data extremely valuable to attackers.

By accessing student or employee accounts, the attacker can gain access to victims’ personal information, education plans, payment information, and syllabus. This also risks the transition to real-life tracking and exploitation of online threats.

Kaspersky Security Specialist Olga Svistunovasay: “The digitization of education is a positive development. This not only enables students to efficiently maximize their academic progress, but also gives more people around the world the opportunity to learn from the best professors at the largest universities. But it also broadens the spectrum of threats facing the student. Scammers are encouraging students to share personal identifiers to access their data, which includes not only their expertise, but information that could put them at risk.”

To protect education information systems and young people from such fraud, Kaspersky recommends the following:

• Please check the link before clicking. Hover the mouse pointer to preview the URL, looking for typos or other irregularities.
• Enable multi-factor authentication to access information systems, especially web-based systems, and student data, grades, and assessments. Define strong access controls to prevent the hacker from moving sideways in the system.
• Provide two separate secure wireless networks on campus, one for employees and students and one for visitors.
• Create and maintain a solid password policy. Encourage everyone to keep their access information confidential at all times. Never use the same password for multiple websites or services. Otherwise, stealing even one of them puts all your accounts at risk. Get help from password managers like Kaspersky Password Manager to create strong, unbreakable passwords without having to remember them. The solution can be purchased separately or as part of Kaspersky Total Security. To celebrate the start of the new academic year, users who purchase Kaspersky consumer solutions will be offered a discount of up to 30 percent. This offer is valid until September 12.
• Use a reliable security solution that provides comprehensive protection against a wide range of threats, such as Kaspersky Endpoint Security for Business.

Source: (BYZHA) – Beyaz News Agency