Action Fraud – “Department of Education” ransomware alert for schools

Action Fraud have published an alert warning to schools reagrding a scam which  tricks people into installing ransomware which then encrypts files on victim’s computers.

Fraudsters are initially cold calling education establishments claiming to be from the “Department of Education”. They then ask to be given the personal email and/or phone number of the head teacher/financial administrator. They then claim that they need to send guidance forms to the head teacher (these so far have varied from exam guidance to mental health assessments). The scammers on the phone will claim that they need to send these documents directly to the head teacher and not to a generic school inbox, using the argument that they contain sensitive information.

The emails will include an attachment – a .zip file (potentially masked as an Excel or Word document). This attachment will contain ransomware, that once downloaded will encrypt files and demand money (up to £8,000) to recover the files.

It should be noted that similar scam attempts have been made recently by fraudsters claiming to be from the Department for Work and Pensions and telecoms providers (in this case they need to speak to the head teacher about ‘internet systems’).

How to protect against this type of fraud

Having up-to-date virus protection is essential; however it will not always be able to prevent you from becoming infected.

Please consider the following actions:

  • Although the scammers may know personal details about the head teacher  and use these to convince you they are a real employee, be mindful of where these have been obtained from, are these listed on your school website?
  • Please note that the “Department of Education” is not a real government department (the real name is the Department for Education).
  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication or contact them via a trusted point of contact e.g a nationally known number or email.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to aren’t left.

If Kent schools would like to discuss any of this further, please contact your Area Education Officer.

To report a fraud and cybercrime and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use their online fraud reporting tool.

Advertisements
This entry was posted in 2017, Cybercrime, Schools and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s