Email from Department of Education? It's a ransomware scam!
Published 28 January 2017 by Emily Bancroft
Work at a school? Make sure you protect yourself.
If you work at a school, college or university, keep an eye out for this new ransomware scam. Fraudsters are calling educational establishments pretending to be from the Government, to trick them into installing ransomware on their school computers.
This can encrypt files on the computers, meaning you won’t be able to access them. If you work in education, don’t worry. We’ll take you through what to look out for with this ransomware scam and how you can stay safe.
If you work in education
You can inadvertently install ransomware on your computer by clicking a link in a phishing email. The link downloads software and this encrypts your files. A message will then appear saying you’ll have to pay to get your files back.
In this new education ransomware scam, fraudsters are cold calling schools, colleges and universities. They claim to be from the “Department of Education” and say they need to email guidance forms to the school’s head teacher.
They might ask you for the head’s email address, claiming that they’re sensitive documents so they can’t just go to anyone. But if the head teacher opens any .zip files from them, they’ll install ransomware on their computer. This software will lock away the head’s files and a message will demand up to £8,000 to release them.
How to protect yourself
First off, the Department of Education isn’t actually a real Government office – its real name is the Department for Education. There are also a few other tips you should follow to stay safe – here’s what to look out for.
• Make sure that all computers in your educational establishment have up-to-date antivirus software. You can get free antivirus software from AVG, Avast, Avira or Panda Security.
• Don’t automatically believe what someone’s saying to you on the phone just because they know your head teacher’s name or other basic details. Fraudsters can get this information off your school’s public website and they use this form of social engineering to make you trust them.
• You shouldn’t pay the ransom to get your files back – there’s no guarantee the scammers will release them if you pay.
• Don’t click on any links in any unsolicited emails – they could install ransomware or a virus on your computer. Roll your mouse over any links to see the real web address – you’ll see this in the bottom left-hand corner of your screen.
• Click on the email header to show the genuine email address. Scammers can spoof this but when you click on it, it will show the real source.
• Make sure you and your school back up important files to an external hard drive. If you’re unsure about this, speak to your IT support.
And if you believe you or your educational establishment has been a victim of a ransomware attack, you can report it to Action Fraud.
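For IT support staff who want to check a suspicious message automatically, the following Python example was added here and is not part of the original article. It looks for the warning signs described above: the wrong department name, a sender address outside a trusted domain, a .zip attachment, and a link whose visible address differs from its real target. The sample message, the flag names and the trusted domain list are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message for illustration; addresses and URLs are made up.
SAMPLE = """\
From: "Department of Education" <forms@dept-education.example>
Subject: Guidance forms for the head teacher
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Forms: <a href="http://files.example.net/f">https://www.gov.uk/forms</a></p>
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="guidance_forms.zip"

(attachment bytes omitted)
--b1--
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Return the lower-case host of a URL, or "" if the text is not a URL."""
    return (urlparse(url.strip()).hostname or "").lower()

def check_message(raw, trusted_domains=("education.gov.uk",)):
    """Return warning flags; trusted_domains is an assumed allow-list."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    if "department of education" in name.lower():
        flags.append("wrong-department-name")   # real name: Department for Education
    if "department" in name.lower() and domain not in trusted_domains:
        flags.append("untrusted-sender-domain")  # display name vs real address
    for part in msg.walk():
        if (part.get_filename() or "").lower().endswith(".zip"):
            flags.append("zip-attachment")
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, text in LINK_RE.findall(html):
                if host(text) and host(text) != host(href):
                    flags.append("link-text-mismatch")  # shown URL != real target
    return flags
```

Calling `check_message(SAMPLE)` returns all four flags for the constructed message; a message from a trusted domain with no attachment or mismatched link returns an empty list.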