Government warns colleges as email ‘phishing’ scams inflict financial losses

FE colleges and other “educational institutions” are being warned about new cyber-attacks which have already claimed some victims and resulted in financial losses.

The latest Education and Skills Funding Agency update, published today, contains information about a “phishing” scam – where a fraudster disguises as a trustworthy source in an electronic communication to trick people into giving them their personal details.

In this instance, the perpetrators are using the title of a genuine email which the user has replied to recently, in order to trick the user into believing the fake email is in fact authentic.

This email contains a link that takes the user to a website which requests user credentials, which the perpetrator uses to send “harmful” emails from the user’s account.

On a mobile device, the harmful email sometimes appears with a coloured button saying ‘Display Message’, according to the ESFA.

The fraudster then requests the user changes the bank account it uses for the Department for Education, the ESFA, or another payment provider.

They often uses multiple official email addresses to make their messages look legitimate.

If undiscovered, a payment may be made to the fraudulent account, the account could be emptied, and a new victim could be targeted.

The agency has said some victims of the attacks have suffered “financial losses” in consequence.

It advises users to ensure they have firewalls, strong passwords and anti-virus software in place, be alert to emails containing seemingly legitimate links, and check whoever sent the email is genuine before the user sends them passwords, data, or payment.

Users have been asked to email if they become aware of any phishing attempts.

If you have you been targeted by this scam, send the ‘phishing’ emails you have received to

The FE sector was previously targeted by fraudsters in 2014, when emails purportedly from the then-Skills Funding Agency were sent to providers, asking for them to send details which would allow the fraudster to take money from the provider’s bank account.

Your thoughts

Leave a Reply

Your email address will not be published. Required fields are marked *