Hackers Target Students’ Financial Aid through Phishing Attack
The Education Department of United States issued a warning about malicious attackers trying to get access to financial aid refunds of students at multiple colleges. The warning further said that they are doing it by sending fake emails to the students of multiple colleges.
As per a department spokesman, the Office of Federal Student Aid of U.S. Education Department confirmed that they have received numerous reports from various universities and colleges about the phishing attacks that are targeting the email accounts of the students.
The target of the hackers is the financial aid refund of the students, the money that is distributed to the students after paying tuition and other expenses. For instance, a student receives a specific federal student aid. That financial aid is transferred electronically to a university by the Education Department. The university transfers the leftover financial aid to the student, and offers many ways to receive that money including electronic deposit to bank account or a debit card. As per the department, these student electronic deposits have become vulnerable.
As per post written by the department officials, the attacks started with phishing email that was sent through an institution's password-protected website for the students. The malicious emails sent were intended to extract the personal information of the students, through fraudulent means. The post further reported that the attackers emails content suggest that they did a thorough research of how the school corresponds with the students, and drafted the emails on the similar lines, receiving which, the students were tricked and gave away the information requested through the malicious email.
After gaining access, the attackers altered the direct-deposit destination of the students with the bank account that was controlled by them. Through this manner, the leftover federal aid money that was supposed to be transferred to the students was sent to attackers account.
The schools were warned that they would be held responsible if the fund of any of their students got transferred mistakenly to the hackers account. The authorities announced that: "any funds disbursed inappropriately may become the responsibility of the institution".
The schools that are not having two-factor identification email accounts are the most vulnerable, as the hackers can easily get access to their email systems. The agency has asked the colleges as well as universities to strengthen their security systems by using two-factor identification or multi-factor identification.
» SPAMfighter News - 9/25/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!