
Phishing E-mail Warning for Schools

In the past week a highly successful phishing attack has been spreading through local Dorset and Hampshire schools.

This scam is not a new scheme, but its current form has proven to be particularly effective, with a large number of users falling victim and keeping the threat alive.


What To Look For.

The threat is an otherwise empty e-mail, sent from contacts who have been compromised, that contains an “Open message” button.

There are variants such as “Display message” or “View message”. The method is simple: tricking users into clicking this button in a message that appears to come from a trusted source.

Once clicked you are led to a login page asking you to enter credentials to view the message.

If you enter them, your credentials are used to send this e-mail on to all addresses in your inbox, continuing the cycle. Further purposes are unknown, but unless your password is changed it’s safe to assume these details are stored, known and therefore compromised.


What To Do.

Firstly, we highly recommend sending an urgent e-mail to all users, including governors, warning them about this e-mail and telling them not to click the button or enter any details.

Explain that no legitimate e-mail will contain a button of this type. If a message cannot be received or its contents cannot be displayed, you will get an error message, not anything like this.

E-mails will not ask for your login credentials to show messages.

Finally, anyone who has been compromised must change their password urgently. We would advise your e-mail administrator to force a sign-out of all devices from your e-mail dashboard, if available, to immediately disconnect any malicious agent.

If anyone requires an e-mail template, we have one you can adapt.


Technical Advice.

Of course, warnings and advice only go so far, and all it takes is one user to be in a rush and get caught out by this scam.

Your IT team or IT manager will ideally be looking at creating a rule to quarantine these e-mails to remove all risk of these being clicked.
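The pattern described under “What To Look For” can be written down as a triage check that a mail team could run over reported or quarantined messages. The Python below is an added example, not Aux IT Solutions' Office 365 rule: it flags an HTML e-mail whose only meaningful content is a link labelled “Open message”, “Display message” or “View message”. The function name, the five-word threshold and the sample messages are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
LURE_LABEL = re.compile(r"^(open|display|view)\s+message$", re.IGNORECASE)  # labels from the advisory
MAX_OTHER_WORDS = 5  # assumed threshold for an "empty" body

class LinkTextParser(HTMLParser):
    """Splits visible text into link labels and everything outside links."""
    def __init__(self):
        super().__init__()
        self.in_link = self.hidden = 0      # nesting depth of <a> / <style>,<script>
        self.labels, self.other, self._buf = [], [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.in_link += 1
        elif tag in ("style", "script"):
            self.hidden += 1

    def handle_endtag(self, tag):
        if tag == "a" and self.in_link:
            self.in_link -= 1
            if not self.in_link:            # link closed: store normalised label
                self.labels.append(" ".join("".join(self._buf).split()))
                self._buf = []
        elif tag in ("style", "script") and self.hidden:
            self.hidden -= 1

    def handle_data(self, data):
        if not self.hidden:
            (self._buf if self.in_link else self.other).append(data)

def is_button_only_lure(raw_message: str) -> bool:
    """True if the HTML body is little more than an 'Open message' style link."""
    msg = message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    if body is None:                        # no HTML part, so no button
        return False
    parser = LinkTextParser()
    parser.feed(body.get_content())
    parser.close()
    other_words = " ".join(parser.other).split()
    has_lure = any(LURE_LABEL.match(label) for label in parser.labels)
    return has_lure and len(other_words) <= MAX_OTHER_WORDS

# Constructed sample messages (not taken from the real campaign).
HEADERS = "From: a@school.example\nSubject: New message\nContent-Type: text/html\n\n"
LURE = HEADERS + '<html><body><a href="https://login.invalid/x">Open message</a></body></html>'
BENIGN = HEADERS + '<p>Minutes from the governors meeting are on the portal for review.</p><a href="https://school.example/m">View minutes</a>'
```

Requiring both the label and a near-empty body keeps ordinary messages that happen to contain the words “view message” in running text from being flagged.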

We have developed a way to block these e-mails reaching inboxes for our Office 365 clients and have rolled this out to our current customers. We are more than willing to assist anyone who requires assistance in setting this up. We have a ready-made Office 365 rule that we can provide, for free.

Other systems will have similar rules and we can offer assistance here too.

Whilst threats such as these are always changing, if you have concerns about this particular threat and how to stop it reaching your users – feel free to contact us for advice.

To discuss anything raised in this post, please e-mail support@auxitsolutions.co.uk

Posted by Aux IT Solutions
