Went Phishing Again…
Sophisticated hackers launched a successful phishing campaign that stole more than $800,000 from Cape Cod’s Community College. According to a Cape Cod Times report “Next-generation endpoint security solutions, if installed on all systems, would have stopped and prevented the attack.” Working with banking officials, the West Barnstable, Massachusetts college was able to recover around $300,000 of the funds.
- The Phishing email appeared to have been sent from another college.
- The person who clicked the email open had no suspicions at first, but when something seemed off, contacted the school’s IT department who ran a diagnostic test and found a polymorphic virus embedded in the phishing email.
- The hackers set up a fake URL address for TD Bank and made nine fraudulent transfers totaling $807,130 from the college’s financial account. The hackers also placed calls to fool employees and validate the transactions.
- The college recently installed next-generation endpoint protection software — but only on a portion of systems. Had the security been installed on all systems, the virus infection would have been avoided.
School Districts Under Attack
This is the second time in recent months that hackers have stolen money from the higher education industry in the United States’ New England region. An attack in June 2018 stole an estimated $1.4 million from 21 account holders at the Connecticut Higher Education Trust (CHET). Outages that have crippled colleges have also been Hacker-generated, for example, the Wisconsin outage that triggered three days of class cancellations.