Researchers at Barracuda found that of malicious emails sent, 57 percent were from compromised internal accounts.
As part of a new wave of spear-phishing attacks, over 1,000 schools and colleges in the country were the target of cyberattacks between June and September, Barracuda Networks reported.
Spear phishing is a personalised phishing attack that targets a specific organisation or individual.
According to a LiveMint report, researchers at Barracuda found that of malicious emails sent, 57 percent were sent using compromised internal accounts.
Attackers may have gotten access to these emails through the Dark Web or social engineering. Once they were in, the mails were used to launch fresh email attacks since there is a high degree of trust associated with accounts that seem to come from legitimate people and domain names, the report said.
Frequently Asked Questions
A vaccine works by mimicking a natural infection. A vaccine not only induces immune response to protect people from any future COVID-19 infection, but also helps quickly build herd immunity to put an end to the pandemic. Herd immunity occurs when a sufficient percentage of a population becomes immune to a disease, making the spread of disease from person to person unlikely. The good news is that SARS-CoV-2 virus has been fairly stable, which increases the viability of a vaccine.
There are broadly four types of vaccine — one, a vaccine based on the whole virus (this could be either inactivated, or an attenuated [weakened] virus vaccine); two, a non-replicating viral vector vaccine that uses a benign virus as vector that carries the antigen of SARS-CoV; three, nucleic-acid vaccines that have genetic material like DNA and RNA of antigens like spike protein given to a person, helping human cells decode genetic material and produce the vaccine; and four, protein subunit vaccine wherein the recombinant proteins of SARS-COV-2 along with an adjuvant (booster) is given as a vaccine.
Vaccine development is a long, complex process. Unlike drugs that are given to people with a diseased, vaccines are given to healthy people and also vulnerable sections such as children, pregnant women and the elderly. So rigorous tests are compulsory. History says that the fastest time it took to develop a vaccine is five years, but it usually takes double or sometimes triple that time.
Findings from Barracuda Networks also showed that 86 percent of all business email compromise (BEC) attacks on educational institutions during this period were carried out via Gmail accounts.
This is because cybercriminals prefer services like Gmail that are free, the report said.
What was their method?
To make their messages appear more legitimate, attackers would send the emails loaded with terminology such as ‘principal’, ‘head of department’, ‘school’, and ‘president’.
The emails also carried a convincing subject line to grab the target's attention. Some emails also used COVID-19 related activities such as 'new covid guidelines' or 'school meeting on covid' to create a sense of urgency that would compel a user to click on their malicious link.“As schools and colleges continue to teach students remotely, it makes both the parties vulnerable to cyberattacks. While online teaching and learning is a crucial part of the new normal, it is also important for students and teachers to act mindfully before, during and post the online classes," cautioned Murali Urs, country manager-India, Barracuda Networks, in a statement, the report said.