K-12 Phishing

Just a click away

We entrust a lot of information to our schools. Students names, addresses, social security numbers, phone numbers; a host information sits securely in those (digital) halls. But is it secure?

Most schools take precautions to safeguard their students data. There are firewalls and antivirus programs in place. In addition, the IT directors are serious about their jobs. Unfortunately, those IT directors can’t monitor everyone.

Many schools (and businesses) have a “frequent offenders” list. This means a group of people who don’t take security measures into their own hands. These individuals haven’t taken the time to educate themselves on proper online health. They’re the “do not allow” list.

Phishing in school

Ah yes, the “do not allow” lists. In other words, these are the problem folks. Not that they’re doing anything to intentionally cause harm. They just aren’t knowledgeable about scams. In other words, they’re an unintentional threat.

This is one reason schools are such a frequent target. Schools are a wealth of information coupled with poor gate keeping procedures.

The numbers

According to EdTech magazine, more than half of K-12 CTOs say that phishing scams are a very serious problem. The article also states that the majority of phishing scams in 2018 were carried out over email. Some examples of these emails can be seen below.

Example of a phishing scam
Phishing scams play on fears
Look at the address the email was sent from. A WellsFargo email will be sent by an @wellsfargo.com address.

According to the 2018 K-12 Cybersecurity Year in Review, there were 122 publicly disclosed cybersecurity incidents with 119 schools affected. Two schools reported more than one incident. So, in other words, there was a reported attack once every three days in the United States in 2018.

Are Schools Ready

Given the propensity to ignore these incidents and say, “that won’t happen to me,” it’s a wonder there haven’t been more reported. But what can schools do to take a proactive and preventative approach to cybersecurity?

Well, first off is to use an antivirus program that uses whitelist technology. Whitelisting is the antivirus recommended by government agencies and tech leaders alike.

In addition, education is key. The “frequent offenders” and “do not allow” list can no longer be ignored. It’s time to train these guardians of data on how to properly do their job.

Finally, making sure that proper permissions are in place so that students aren’t able to accidentally leak data. While educating students on internet health, there still need to be blocks in place to keep them safe while they learn.

In conclusion

Keeping data in schools safe is a must. This month we’re going to be delving into different topics about cyber health in education. I hope you’ll join us. Class is in session.

1,309 total views, 13 views today

(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.