Schools are being warned about a “despicable” cyber attack where scammers pose as a parent of a child who is in hospital and cannot make their exams, in order to potentially gain “sensitive details”.
The email sent to exams officers says: “I am Jamie’s mum and I was told to contact you in regards to his examinations, I just want to make you are aware [sic] that he’s had a bad fall down the stairs.
“I took him to hospital right away and the bone has fractured. They told him to rest but I don’t think he’s going to be able to make it to him [sic] exams.”
The person says a medical report from the hospital is attached for the exams officer to “check over”. However, opening the attachment installs a virus on the recipient’s computer.
When asked about the attack, a spokesperson for the National Cyber Security Centre said: “We know scammers exploit topical issues to trick people into sharing sensitive details or clicking on malicious content.
“Any attempt to scam school staff is despicable and if individuals spot suspicious messages they should forward them to us at firstname.lastname@example.org”.
Exams officers warned over ‘suspicious’ email
The Joint Council for Qualifications warned exams officers about the email earlier this week. The body said a “small number” had received the “suspicious email containing a virus”, but did not know exactly how many had been affected.
JCQ said in an email to officers: “This is a gentle reminder asking you to remain vigilant about potential cyber-attacks.
“If you receive this or any other email you are unsure about, do not open it or click on any links. Contact your IT department for support.”
A spokesperson for JCQ, which represents exam boards, said potential cyber security risks is something schools and colleges “take seriously throughout the year”.
The NCSC, which is a part of government intelligence agency GCHQ, issued multiple alerts last year after an increase in ransomware attacks against schools and colleges.
It warned: “It is important senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services.”
Schools had lost financial records, students’ coursework and Covid-19 testing data during more than 70 cyber attacks on the sector during the pandemic.
Concern over ransomware attacks
A more recent trend was for cyber criminals to threaten to release sensitive data stolen from a school’s network during the attack, with “many high-profile cases where the cyber criminals have followed through with their threats… often via ‘name and shame’ websites on the darknet.”
Cyber attackers demanded $8 million (£5.8 million) in ransom from the Harris Federation before leaking school data on to the darknet. In the sector’s most high-profile case, the trust was hit with a bill of over £500,000 in repairs of equipment and staff overtime because of the attack.
The government last year trialled a new cyber security tool that schools and colleges can use for free to measure the robustness of their online security measures.
The rise in cases has sparked an “education drive” from national crime agencies. The NCSC, for instance, wants schools to sign up to its Early Warning cyber incident notification service, which was launched last year.
Tom Middlehurst, curriculum, assessment and inspection specialist at the Association of School and College Leaders, said: “It is sadly a feature of the digital age that malicious emails containing viruses are sent to school and college staff, as they are to many other organisations.”
The NCSC has also published a free cyber security training package for school staff and advice on common signs to look for in scam messages.