Phishing Warning for North East Schools

Education establishments have recently been receiving phishing calls from fraudsters who claim to be from the Department of Education. They typically ask for personal details such as the email addresses and phone numbers of either the head teacher or business manager/financial administrator. They use the argument that they need to send over details of a sensitive nature. These fraudsters claim they need to send over guidance forms which vary from exam guidance to mental health assessments – a cunning trap for the unsuspecting teacher.

Phishing Warning for North East Schools

Emails sent will often include an attachment in the form of a .zip file, potentially masked as an Excel or Word document. No matter how tempting it might be to double-click the file, it will almost definitely contain some form of ransomware. Once downloaded, this software will encrypt all files. Often, they’ll also demand money of up to £8000 to recover important documents on your PC.

Similar scam attempts have also been made, claiming to be from similar Government departments. Fraudsters claiming to be telecoms providers are also a common scam. They request to speak to the head about ‘internet systems’ so be wary of who you give information to. In the case of OmniCom, chances are we genuinely do want to speak about your internet systems!!

Having up-to-date virus protection is essential for all establishments. We can’t prevent fraudsters from contacting you but you should follow best practices to ensure you’re as safe as possible:

  • Although the scammers know some personal details about members of your staff and use these to convince you they’re a real employee, be mindful of where this information has been obtained. Do you have a staff list on your website?
  • Note that the ‘Department of Education’ is not a real Government department. It’s actually ‘Department for Education’.
  • A general rule of thumb is never to click on links or open attachments you receive in unsought emails. Fraudsters can easily fake an email address to make it look like someone you trust.
  • OmniCom takes regular backups of your most important files and deals with software updates. If there are any critical security issues, updates will help fix them.

Have you received a suspicious call or email? Report them to phishing@slc.co.uk or to Action Fraud.