Hello everyone, Detective Cy here with another lesson on staying cyber safe!
Did you know that even if an email looks perfectly normal, it can still be dangerous? Hackers are constantly finding new ways to gain the trust of their targets, which includes disguising themselves as trusted contacts. Unfortunately, a teacher from California recently learned this lesson the hard way.
While finishing her work one evening, Mrs. Wilson received an email with the subject “John’s Assignment Upload Failed.” The message, which had been sent by John’s mother, stated that she was having trouble submitting her son’s homework. She explained that his assignment was attached to the email instead, since John “didn’t want to be marked late” and they couldn’t submit it “the usual way you guys do it”.
Recognizing that technical difficulties can happen to anyone, Mrs. Wilson downloaded the attachment. Little did she know that this seemingly safe document would cause a school-wide security breach. When opened, the fake assignment downloaded malware that implemented a Remote Template Injection. This hid macro-laden documents amongst her files and acted as a gateway onto her computer for other malicious software.
Without knowing her computer was infected, Mrs. Wilson connected to her school district’s server. The hidden malware spread to each computer on the network and encrypted every file it could find. This gave the hacker access to sensitive information, such as the Social Security number and home address, of the entire faculty and student body.
The hacker demanded that the school pay a ransom in order to get the password required to unlock their encrypted files. The school district attempted to resolve the issue internally, but the malware prevented them from doing so. In order to regain control of their system and protect their personal information, the school district was forced to pay the hacker.
This is only one example of a scam that targets teachers in an attempt to overtake an entire school. The worst part is that it can be done simply using contact information typically found on a school’s website. To avoid this from happening to your school district, there are a few steps you should take before downloading an email attachment.
First, ensured that you know the person who sent the attachment. If you do, check to see if you have already received the attachment. If not, contact the person who sent the attachment and confirm that the file came from them. If necessary, offer to help them submit the file through a verified portal. Additionally, you can run the file through a virus scanner or send it to your IT department for review.
Following these simple steps would have prevented Mrs. Wilson from putting her entire school district at risk. The important thing to recognize, however, is that this can happen to anyone! Remember to stay vigilante and take every precaution against becoming the next victim of a cyber attack.
- Verify whether the student in question attends the school.
- Verify whether the student’s assignments have already been submitted.
- Verify the parent’s information or call them to discuss the issue. Talking over the phone cannot compromise your security, as long as you don’t discuss private information.
- Contact the IT department to determine if other students are experiencing similar issues.