Schools and colleges are being warned about a “despicable” cyber attack where scammers pose as a parent of a student who is in hospital and cannot make their exam, in order to potentially gain sensitive details.
The email sent to exams officers says: “I am Jamie’s mum and I was told to contact you in regards to his examinations, I just want to make you are aware [sic] that he’s had a bad fall down the stairs.
“I took him to hospital right away and the bone has fractured. They told him to rest but I don’t think he’s going to be able to make it to him [sic] exams.”
The person says a medical report from the hospital is attached for the exams officer to “check over”. However, opening the attachment installs a virus on the recipient’s computer.
When asked about the attack, a spokesperson for the National Cyber Security Centre said: “We know scammers exploit topical issues to trick people into sharing sensitive details or clicking on malicious content.
“Any attempt to scam school and college staff is despicable and if individuals spot suspicious messages they should forward them to us at email@example.com”.
The Joint Council for Qualifications warned exams officers about the email earlier this week. The body said a “small number” had received the “suspicious email containing a virus”, but did not know exactly how many had been affected.
JCQ said in an email to officers: “This is a gentle reminder asking you to remain vigilant about potential cyber attacks.
“If you receive this or any other email you are unsure about, do not open it or click on any links. Contact your IT department for support.”
A spokesperson for JCQ, which represents exam boards, said potential cyber security risks are something schools and colleges “take seriously throughout the year”.
The NCSC, which is a part of government intelligence agency GCHQ, issued multiple alerts last year after an increase in ransomware attacks against schools and colleges.
It warned: “It is important senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services.”
Schools and colleges lost financial records, students’ coursework and Covid-19 testing data during more than 70 cyber attacks on the sector during the pandemic.
More recently, colleges were warned to brace themselves for possible cyber attacks amid a heightened threat from Russia following its invasion of Ukraine.
Cyber attacks affecting colleges, which have included doctored emails from principals and hoax terror attacks, were on the rise before the pandemic.
South and City College Birmingham was forced to shut its eight campuses following a major ransomware attack that disabled its core IT systems last year. Lincoln College was hit by a similar attack in 2020.
The government last year trialled a new, free cyber security tool that schools and colleges can use to measure the robustness of their online security measures.
The rise in cases has sparked an “education drive” from national crime agencies. The NCSC, for instance, wants schools and colleges to sign up to its Early Warning cyber incident notification service, which was launched last year.
Tom Middlehurst, curriculum, assessment and inspection specialist at the Association of School and College Leaders, said: “It is sadly a feature of the digital age that malicious emails containing viruses are sent to school and college staff, as they are to many other organisations.”
The NCSC has also published a free cyber security training package for school staff and advice on common signs to look for in scam messages.