Education Sector Facing Disproportionate Level of Spear-Phishing Attacks
A new study conducted by Barracuda Networks has found that educational institutions are disproportionately targeted by spear-phishing attacks when compared to their counterparts across other industries. The new Threat Spotlight analysis concludes that between June and September of 2020, over 1,000 educational facilities faced over 3.5 million spear-phishing attacks. Barracuda states that over a quarter of the attacks observed were business email compromise attacks. This method is twice as likely to be used against colleges, schools, and universities when compared to other organizations.
According to the report, 4/10 of all attacks targeting this sector were spear phishing, while 28% were scamming attempts and 3% were related to extortion. While schools were closed in July and August, the spear-phishing attacks subsided and returned in September. Continuing a trend observed targeted other sectors, cybercriminals used the topic of COVID-19 to lure schools and universities into clicking on malicious links. Barracuda states that this high number of attacks may point to the fact that cybercriminals are aware that schools often lack strong cybersecurity infrastructure, making them easy targets.