Cybercriminals take advantage of back to school

As the back-to-school season approaches, Kaspersky experts have identified a significant increase in fraudulent activities. Every year, cybercriminals take advantage of the academic and shopping period by launching sophisticated phishing campaigns. However, Kaspersky experts warn that this year the campaigns have become more targeted, with the theft of personal data from students, teachers and administrators in the education sector taking centre stage.

Fraudsters are increasingly exploiting data collection forms on platforms such as SurveyHeart.com, a questionnaire similar to Google Forms, to carry out scams. Kaspersky experts have identified phishing attacks using these fake questionnaires to target students at Neumann University in the US.

In one such scam, victims receive a notification claiming to be using two different Microsoft school email accounts on various university portals. To prevent their Office 365 account from being deactivated, they are asked to complete a survey that requires sensitive details such as name, phone number, university email address and account password.

Another scam uncovered by the team involves scammers creating fake gifts promising students the chance to win various high-end gadgets useful for education, from iPhones to iPads and laptops. To enter these enticing competitions, victims are asked to provide personal information and indicate the model of laptop they want. In addition, individuals are asked to share with 15 of their contacts via WhatsApp a link that redirects to a prize draw page. While the prospect of winning a valuable item such as a laptop is enticing, there is a hidden catch: the supposed winners must pay to receive their prizes. This requirement for additional payment is a clear red flag that the contest is a scam.

The offer may seem tempting, but the combination of an unusually generous prize and the requirement to cover delivery costs is an indicative sign of fraudulent activity.

To stay safe from such scams, Kaspersky experts also recommend:

• Remain sceptical: Be wary when you come across offers that seem "too good to be true", especially if they require payments or personal details upfront.
• If they seem to be too much of a bargain, especially if they offer offers that may be too expensive or require advance payment: Thoroughly investigate any scholarships, giveaways or offers that come up. Seek official contact information and confirm legitimacy before taking any action.
• Secure your information: Avoid sharing sensitive data online unless you are absolutely certain of the legitimacy of the request.
• Use trusted sources: Stick to official educational websites, recognized scholarship platforms and trusted retailers when making payments or providing personal information.
• Turn on multi-factor authentication (MFA): enable MFA where possible, adding an extra layer of security to your online accounts. Use a trusted password manager that not only stores your passwords, but automatically generates one-time passwords for two-factor authentication (2FA).
• Use a trusted security solution for comprehensive protection against a wide range of threats.