Heads Up 11th January 2017

HEADS UP

Phishing campaign and ransomware alert

** Please circulate the following alert to staff within your school **

Fraudsters claiming to be from the Department for Education are targeting education establishments and requesting the personal email address and/or phone number of the headteacher or financial administrator. The fraudsters claim that they need to send guidance forms to the headteacher (so far these have varied from exam guidance to mental health assessments). The person on the phone will claim they need to send these documents directly to the headteacher and not to a generic school inbox, arguing that they contain sensitive information.

The emails will include an attachment: a .zip file (potentially marked as an Excel or Word document). This attachment will contain ransomware that, once downloaded, will encrypt files and demand money (up to £8000) to recover them.

A similar scam attempt has been made recently by fraudsters claiming to be from the Department for Work and Pensions and telecoms providers (in case they need to speak to the headteacher about ‘internet systems’).

The following advice has been issued by the National Fraud Intelligence Bureau:

Having up-to-date virus protection is essential; however, it will not always prevent you from becoming infected. Please consider the following actions:

  • Although the scammers may know personal details about the head teacher and use these to convince you they are a real employee, be mindful of where these have been obtained from; are these details listed on your public facing website?  
  • Please note that the ‘Department of Education’ is not a real government department (the real name is the ‘Department for Education’).
  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the devices you back up to aren’t left connected to your computer as any malware infection could spread to that too.
  • Do not pay extortion demands as this only feeds into criminals' hands, and there's no guarantee that access to your files will be restored if you do pay.
  • If you think your bank details have been compromised, you should immediately contact your bank.
  • If you have been affected by this, or any other scam, report it to Action Fraud by calling 0300 123 2040, or visiting www.actionfraud.police.uk.
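For IT staff, the header check advised above can be partly automated. The following is an added example, not part of the original alert: it reads a raw message and lists the warning signs this alert describes (the wrong department name, reply addresses that do not match the sender, failed sender authentication, and a .zip attachment named like an Office document). The sample message, all addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message for illustration; every address and host is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.school.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Department of Education" <guidance@dfe.example>
Reply-To: forms@mailer.example.net
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="guidance.xlsx.zip"

(constructed placeholder, not a real archive)
--b1--
"""

OFFICE_EXTS = (".doc", ".docx", ".xls", ".xlsx")

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def review_headers(raw):
    """List warning signs in a raw message; an empty list is not proof of safety."""
    msg = message_from_string(raw)
    findings = []
    display_name, _ = parseaddr(msg["From"] or "")
    if "department of education" in display_name.lower():
        findings.append("display name uses 'Department of Education', not a real department")
    from_domain = domain_of(msg["From"])
    for header in ("Return-Path", "Reply-To"):
        other = domain_of(msg[header])
        if other and other != from_domain:
            findings.append(f"{header} domain {other} differs from From domain {from_domain}")
    # Only trust Authentication-Results stamped by your own receiving mail server.
    results = (msg["Authentication-Results"] or "").lower()
    for check, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results):
        if verdict != "pass":
            findings.append(f"{check}={verdict}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip"):
            disguised = name[:-4].endswith(OFFICE_EXTS)
            findings.append(f"zip attachment {name}" + (" named like an Office document" if disguised else ""))
    return findings
```

The From line and display name are set by the sender and can be forged, so treat any single finding as a prompt to verify the request through a known contact, not as a verdict.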

 
