As the pandemic continues and schools experience renewed closures or pursue a hybrid model of learning (in-person and remote), the educational sector continues to attract the attention of cybercriminals on the Internet. From July to December 2020, 270,171 users encountered various threats disguised as popular learning platforms—an increase of 60% when compared to the first half of 2020. To help educators stay secure, Kaspersky has launched a digital toolkit that teaches cybersecurity best practices.
Last spring, more than 1 billion schoolchildren around the globe were affected by school closures as countries attempted to slow rising infection rates. For many, that meant a switch to emergency remote learning—a transition that, unfortunately, left many students and educators vulnerable to cyber risks
Now, schools around the globe, from England and Germany to Malaysia and the US, are once again closing as countries fight a resurgence in infections, and, not surprisingly, this has led to some undesirable consequences.
From January to June 2020, the total number of users that encountered various threats distributed under the guise of popular online learning platforms/video conferencing applications was 168,550 – a 20,455% increase when compared to the same period for 2019. This number has only continued to grow from July to December, as discovered by Kaspersky experts. As January 2021, the number of users encountering various threats using popular online learning platforms as a lure reached 270,171—a 60% increase when compared to the first half of 2020.
The most popular lure was, by far, Zoom. This is not surprising given that Zoom is the most popular platform for virtual meetings, with more than 300 million daily meeting participants. The second most popular was Moodle, followed by Google Meet. The number of users that encountered threats disguised as popular online learning/video conference platforms increased for all but one platform—Google Classroom.
About 98% of the threats encountered were not-a-virus, which is divided into riskware and adware. Adware bombards users with unwanted ads, while riskware consists of various files – from browser bars and download managers to remote administration tools – that may carry out various actions on your computer without your consent. Trojans made up roughly 1% of the threats encountered.
Users typically encounter threats disguised as popular video meeting apps and online course platforms through fake application installers, which they may encounter on unofficial websites designed to look like the original platforms or emails disguised as special offers or notifications from the platform.
“Unfortunately, until all students are back in the classroom full-time, educational institutions will continue to be a popular target for criminals, particularly since this sector has traditionally not prioritized its cybersecurity. However, the pandemic has made it clear that this has to change, especially since technology is increasingly being incorporated in the classroom—virtual learning or not,” comments Anton Ivanov, security expert at Kaspersky.
To help educators and their students stay secure when using digital tools in the classroom, Kaspersky has put together a variety of resources, including an online course that teaches cybersecurity best practices. You can explore the toolkit here: https://kas.pr/smy6
For more on the cyber risks of the online classroom, you can read the full report on Securelist.
To stay safe from malware and other threats disguised as video conferencing apps / online learning platforms:
- Do not download any unofficial versions or modifications of these applications/platforms. Look for information about the developer and choose the official app stores.
- Use different, strong passwords for each of your accounts. You do not need to remember them all if you use a solution like Kaspersky Password Manager that generates and secures unique passwords.
- Always make sure you are on the official company website before proceeding to download anything to your device. Fake websites may look just like the real thing, so you should always double-check the URL format and spelling of the company name before you download anything.
- Use a reliable security solution like Kaspersky Security Cloud that delivers advanced protection on all your devices.