How to spot a phishing attack at your school

Mon, 09 Dec 2024 11:42:52 +0000

Phishing attacks are a common way cybercriminals attempt to gain access to systems or steal sensitive information, with attacks against schools increasing year on year. These attacks disguise themselves as routine communications, such as incomplete attendance registers, payment issues, or even messages from your MIS. In a busy school environment, it’s easy to mistake a phishing email as a genuine request.

The best defence is learning how to identify phishing attempts. By educating yourself on what phishing looks like and how to report it, you can help keep your own and your school’s data safe.

–

What is phishing?

Phishing is a method used by criminals to trick people into sharing sensitive information or clicking harmful links via fake emails, text messages, or phone calls. Their goals often include:

Stealing personal data like login credentials or sensitive information
Installing malware on devices to cause further damage
Manipulating victims into sending money

Attackers often impersonate trusted individuals or organisations, such as your headteacher, MIS provider, or even Ofsted, to make their messages seem legitimate.

–

How to spot a phishing attack

Phishing tactics have become more sophisticated as criminals get smarter and use new tools like AI, making attacks harder to spot. Criminals now use convincing language and fewer grammatical errors to appear credible. Despite this, phishing emails often contain tell-tale signs. Watch for these red flags:

Urgency

Scammers try to quickly gain your trust. They aim to pressure you into acting without thinking. Messages that pressure you to act quickly (e.g., “respond immediately” or “within 24 hours”) often aim to bypass your critical thinking.

Authority

Is the message claiming to be from someone official? For example, your headteacher, Ofsted, The DfE, or your MIS provider. Criminals often pretend to be important people or organisations to trick you into doing what they want.

Emotion

Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more by clicking on a link or downloading an attachment.

Current events

Are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like census) to make their scam seem more relevant to you.

Questionable links or attachments

As a best practice, never click on any hyperlinks or download any attachments from emails you aren’t expecting. You can verify the validity of a link by hovering over the link without clicking and checking if the URL is consistent with what you’re expecting.

Unreasonable request

Are you being strongly compelled to follow a link, open an attachment, or submit credentials? Does the message warn of dire consequences if you fail to respond? Is this the kind of language the sender would normally use? These can be clues that someone is pretending to be as someone they aren’t. If it seems unusual, trust your gut and report it to your security team right away.

–

How to check if an email is genuine

If you have any doubts about a message, stop the conversation and think. Try to contact the organisation directly to verify. Don’t use any phone numbers of email addresses given to you – use the details from the official website or any contact details you have previously recorded. Any well-meaning person will understand that you’re trying to keep safe: verifying requests is a normal thing to do.

–

Mitigate phishing attacks by enabling two-factor authentication

You can greatly reduce the impact of phishing attacks by enabling two-factor authentication (2FA). With 2FA, even if a criminal gains someone’s password, they won’t be able to access systems without the second layer of security (often a mobile phone or physical device).
For guidance on enabling 2FA in Arbor visit our Help Centre article: Setting up two-factor authentication for School and MAT MIS users

–

What to do when you receive a phishing email

Here are five steps to take if you suspect you have received a phishing email:

1. Avoid clicking links or downloading attachments

Opening a link might be enough to compromise your computer or take over any active login sessions you have. Attachments may contain malware that could damage your computer or spread through the network.

2. Don’t reply to the sender

Engaging with the email confirms your address is active, making you a future target.

3. Report the email, then delete

Notify your IT or security team through your school’s reporting process. They can investigate and warn others.Share details with colleagues to help them avoid falling for the same scam. Once confirmed as phishing, delete the email and empty your trash folder to prevent accidental exposure.

You can also forward suspicious emails that you think are a scam to the National Cyber Security Centre at report@phishing.gov.uk. For more information, click here.

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud here.

4. Strengthen your security

Change your password immediately: Ensure it’s unique and strong. Update it on other systems if reused elsewhere
Enable Two-Factor Authentication to strengthen account security

5. Contact your IT Team

They’re there to help mitigate risks and secure systems if necessary

–

Final thoughts

Phishing attacks are a persistent threat, but with the right precautions and a cautious mindset, you can help protect your school’s systems and sensitive information. Remember, it’s always better to verify than to assume. By reporting suspicious emails and encouraging others to do the same, you contribute to a safer and more secure environment for everyone.

Security Archives - Arbor