World Password Day and the dangers of phishing

May 4th marks World Password Day 2023, and it’s essential to inform children of the importance of having robust, secure passwords, as well as protecting those passwords once they are made. 

Online scams often target schools, with 1 in 5 British schools experiencing a cyber-attack last year, with 50% of those being a phishing scam. As a result, schools need to make both teachers and children aware of the dangers of phishing. 

What is phishing?

Phishing is a scamming technique in which a target is contacted by someone purporting to be from a reputable organisation or impersonating someone with authority. They will then ask to be given sensitive information, such as passwords. Phishing attempts make up 5.8% of global emails, illustrating just how common it is. 

Within schools, students may have their own accounts for computers/operating systems themselves, among a myriad of other services such as e-mail, Office 365, and others. Giving up passwords to any of these could cause major problems for any educational institution. Here’s some easy tips you can pass on to students and staff that will help protect your organisation: 

Look out for errors

Spelling and other errors are an easy tell for a phishing email. Oftentimes this is done in order to bypass filters, but sometimes it’s just a lack of care. Either way, looking out for simple errors is a good way of spotting phishing. 

Be wary of links

Any links present in an email should always be treated with suspicion, unless you’re expecting them from a trusted person. A link can easily be disguised and go to a completely different website than the one it purports to, potentially placing malware onto a computer. As a result, it’s important to always be wary of links in emails you’re not expecting. 

Don’t give out personal information

Teaching children about the importance of not revealing personal information online is an essential skill both in and out of school and should form part of a broader online safety educational programme.

Have infrastructural protections

Moving away from things individuals can do, it’s very important for educational institutions to employ protections that can tackle phishing attempts before they even get to end-users. This can include setting up DMARC (Domain-based Message Authentication, Reporting & Conformance), which prevents phishers from spoofing your e-mail domain and assists in filtering phishers into spam folders.  

easipc offers a multitude of security protections against phishing and a myriad of other cybersecurity concerns. Our network, server, broadband and other services all include robust protections. Find out more by getting in touch here.

The EasiPC Team