October 24, 2018

Academics, Beware: Phishing Fraudsters Hunt for University Credentials

Kaspersky Lab research reveals university staff and students around the world facing high volume of targeted phishing attacks

Woburn, MA – October 24, 2018 – Kaspersky Lab is urging academics to be cautious online, after the company's researchers detected multiple phishing attacks hitting at least 131 universities in 16 countries. These attempts to steal sensitive university information have taken place over the last 12 months, with nearly 1,000 phishing attacks detected since September 2017. Fraudsters are hunting for account credentials of both students and employees, as well as their IP addresses, location data and more.

Although many universities are attentive to their IT security infrastructure, attackers have discovered an effective way to breach their systems – by targeting careless or uninformed users. In these attacks, threat actors will create a webpage that appears identical to the university’s website or intranet portal, but which contains a few letters in the web address that differ from the official page URL. The fraudulent sites are then spread to unsuspecting students and staff through social engineering techniques. If victims fall into the trap and enter their credentials into the fake site, their sensitive information is sent directly to the phishers.

Overall, researchers detected 961 attacks on 131 schools in the last 12 months, aimed mostly at English-speaking universities. Of the institutions targeted, 83 are located in the United States and 21 are based in the United Kingdom. Threat actors were especially interested in the University of Washington; Kaspersky Lab detected 111 attack attempts aimed at the website of this particular school. Educational institutions in Asia, Europe and Africa faced attacks as well.

“As educational institutions becomes a popular target for cybercriminals, it is essential for university IT staff to take proactive measures to prevent phishing attacks,” said Nadezhda Demidova, security researcher at Kaspersky Lab. “In addition to strengthening IT security infrastructure, university leaders should also provide training resources that can help students and staff identify and avoid targeted phishing threats.”

Kaspersky Lab recommends the following security measures for university students and staff to avoid falling into a phisher’s trap:

  • Always check the link address and the sender’s email to determine if they are genuine before clicking on anything. If you receive a link through email that appears suspicious, type it you’re the browser’s address line instead of clicking through the email.
  • If you are not sure that a website is real and safe, never enter your credentials. If you think that you may have entered your login and password on a fake page, change your password immediately.
  • Educational institution staff and students should be trained on cybersecurity best practices to avoid phishing, such as never sharing sensitive data, including logins and passwords, with a third party, and not to click on links from unknown senders or in suspicious emails.
  • Install a robust security solution across all of your devices, including mobile, which will alert you if you are trying to visit a phishing web page.
  • Avoid using the same password for several websites or services, as it puts all of your accounts at risk if your login to one site becomes compromised.
  • When using public Wi-Fi, ensure that cybercriminals are not able to intercept your web traffic or invisibly replace genuine websites with fake ones by leveraging a VPN solution. For example, Kaspersky Secure Connection switches on encryption automatically when it detects an insecure connection, ensuring your web activity is not visible to attackers.
  • Organizations should implement a reliable endpoint security solution with anti-phishing technologies, such as Kaspersky Endpoint Security for Business, to detect and block spam and phishing attacks.

More information on phishing attacks facing universities can be found on Securelist.

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact
Meghan Rimol