Through cold calling, the fraudsters aim to obtain the personal email of the head teacher or financial administrator so they can send a .zip file infected with ransomware. Once downloaded, it will encrypt the files on the computer and demand up to £8,000 in ransom.
A first red flag for recipients should be the name of the institution, which is not “Department of Education” as used by fraudsters, but “Department for Education.” In the past, scammers have also impersonated the Department for Work and Pensions and telecom providers.
Ransomware attacks are set to grow in 2017, expanding from mainly private users, to include all types of businesses and organizations, including healthcare and educational sectors. As a result, the ransomware protection market is forecast to grow to $17.36 billion by 2021, according to MarketsandMarkets.
If users are concerned about losing valuable data and proprietary information, paying the ransom might not help, as criminals may not even release a decryption key even when paid. To avoid file encryption and data loss, keep a backup in multiple locations, install and regularly update a security solution and other running software, remain vigilant for email spoofing by double checking the header for the real sender, and immediately reach out to the nearest law enforcement office in case of infection.