Police are teaming up with the National Fraud Intelligence Bureau (NFIB) to raise awareness of a phishing and ransomware scam targeting schools and universities.

The scam sees fraudsters calling education establishments claiming to be from the Department of Education. They ask for the personal contact details of the head teacher/financial administrator in order to send over guidance forms, these have varied from exam guidance to mental health assessments.

The scammers will claim that they need to send these documents directly to the head teacher and not to a generic school inbox, using the argument that they contain sensitive information.

The emails will include an attachment – a .zip file (potentially masked as an Excel or Word document). This attachment will contain ransomware, that once downloaded will encrypt files and demand money (up to £8000) to recover the files.

The NFIB have also received reports of similar scams with fraudsters claiming to be from the Department for Work and Pensions and telecoms providers calling about internet systems.

The National Fraud Intelligence Bureau has since shared their tops tips on staying safe from similar phishing and ransomware attacks:

  • Having virus protection is essential, ensure that it is kept up-to-date;
  • Although the scammers may know personal details about the head teacher and use these to convince you they are a real employee, be mindful of where these have been obtained from, are these listed on your public facing website?
  • Please note that the “Department of Education” is not a real government department (the real name is the “Department for Education”).
  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to is not left connected to your computer as any malware infection could spread to that too

If you, or anyone you know, have been affected by this fraud or any other scam, report it to Action Fraud by calling 0300 123 2040 or visit the Action Fraud website.

For more advice around fraud, visit the dedicated Stamp out Fraud webpage