Education institutions across the world, including India, have been pushed to operate online from homes owing to the COVID-19 pandemic. As more teachers and students coordinate classes via the internet, they are constantly targeted by hackers through various forms of malware and cyber attacks. A new report on Friday claims that spear-phishing attacks on Indian schools and colleges via Gmail have increased in September following a drop during the summer vacations (July-August). Spear-phishing is a form of personalised phishing attack that targets a specific organisation or individual, with intentions to steal data for malicious purposes.
According to Barracuda Networks, which tracks cloud-based security threats across various sectors, educational institutions are more than twice as vulnerable to phishing attacks than an average organisation. The company says that its researchers over the last few months, evaluated over 3.5 million spear-phishing attacks executed on various sectors, and it was found that over 1,000 schools, colleges, and universities in India were affected. Researchers at Barracuda also noticed that phishing attacks on educational institutes were mainly carried using two methods between July and September - email scams and service impersonation. In many cases, Gmail accounts were the primary medium for hackers to launch phishing attacks, accounting 86 percent of total spear-phishing attacks, the report notes. These emails via Gmail were part of carefully-crafted business email compromise (BEC) attack, that is a form spear-phishing attack, the company notes.
Barracuda Networks researchers also add that cybercriminals prefer to use well-known email providers like Gmail because they are free, easy to register, and “have a higher reputation in the market." Many times, attackers customised malicious email addresses using terms like ‘principal,’ ‘head of department,’ ‘school,’ and ‘president’ to make them look authentic. Similarly, emails carrying the phishing links are sent with eye-grabbing subject lines such as COVID-19 New Updates, COVID-19 School Meeting, COVID-19 Update, and Follow Up Right Now, to grab the receiver’s attention. In the case of schools and colleges, it was found that 57 percent of infectious emails sent from internal accounts. “This means accounts in the education industry were used to send more attacks than they actually received. Since there was a high degree of trust associated with these compromised accounts due to their legitimacy, it was incredibly valuable for criminals who used them as a perfect launchpad for attacks," Barracuda Networks explained.
The company adds that as schools and other educational institutes in India continue to operate online, cybersecurity threats should be widely addressed among them. For starters, schools and colleges need to prioritise email security that leverages AI to identify unusual senders and requests. Barracuda Networks further says that institutes must also invest in technology that will enable them to identify suspicious activities and potential signs of account takeover.