Kaspersky's computer security company reported that since September 2017 and so far, nearly a thousand phishing attacks have been detected in the majority of fraudsters to create a web page that is visibly the same as the real site, aimed at getting victims to enter their login and password information into university digital systems.
All in all, researchers have found 961 attacks on 131, 131 universities, primarily targeting English-language universities. 83 of the contested institutions in the United States and 21 in the United Kingdom. The threats were very much interested in the University of Washington: Kaspersky Lab had detected 111 attacks on that university.
Statistics show that education institutions have suffered at least one attack last year in Finland, Colombia, Hong Kong, India, Israel, the Netherlands, New Zealand, Poland, South Africa, Sweden, Switzerland and the United Arab Emirates.
According to Nadezhda Demidova, security researcher at Kaspersky Lab, "the number of attacked organizations is really worrying: education seems to be becoming more and more common among cybercriminals. Heads of the university should take into account that all employees and students can become weak links and criminals they must therefore take the necessary security measures proactively. "
Demidova's recommendations to avoid this being a victim of fraud:
– Always check the link title and email address of the sender to see if they are credible before clicking on it; Even better, do not click the link, but enter the address bar in your browser. If you're not sure whether your site or sender is real and reliable, never enter your credentials. If you think your username and password are placed on a fake page, immediately change your password.
– Never use the same password for multiple sites or services, because if you steal, all of your accounts will be in danger.
– To ensure that no one is in any way prejudicial to the relationship and substitutes genuine websites for fraudulent or intercepting internet traffic, always use a secure connection; only uses Wi-Fi encryption and strong passwords, or uses VPN solutions that encrypt traffic.
– When using your own computer to surf the web, even on a mobile device, always use a robust security solution that will alert you if you try to visit the phishing site.