Cybersecurity researchers have issued a warning: many universities are not doing everything they should be to block fraudulent emails due to not following the best cybersecurity practices. The result? Countless UK students are at risk of becoming the targets.
Proof in point, the authors of the newly-released report, have found that 65% of the top 20 universities in the UK are, in fact, not employing any kind of industry-recommended tool for authenticating emails.
The purpose of doing this is to make sure that the email a student receives is genuine and not an impersonation – a tactic commonly used by cybercriminals to take someone for a ride. As it turns out, only 1 out of 20 universities examined by the researchers was using the level of DMARC protection the experts recommend. A total of 35% were found to be using some form of protection, but not something that would be considered strong enough.
Kevin Epstein is concerned about the situation. As things are right now, top students could become victimised by cybercriminals who would trick them into sharing personal data.
In 2018, the education sector went through a substantial year-on-year increase in email fraud attacks rivalling any industry. As such, authentication protocols such as DMARC should be used to bolster the necessary cyber defences.
Social engineering and impersonation are only some of the technique’s cybercriminals use and universities can be targeted as well. With that in mind, students need to be extra careful to check the validity of any email message they receive.