Protecting Higher Education: Rise of Email Attacks Impacting Students, Faculty, and Staff

Colleges, universities, and higher education facilities are hot targets for cybercriminals looking to steal personal data and intellectual property. Defend yourself.
July 13, 2023

Higher education plays a crucial role in developing students and providing valuable research, while also being the recipient of millions of dollars in grant funding and donations each year. Unfortunately, this makes colleges and universities prime targets for cyberattacks as bad actors look to steal personal information, access funds or intellectual property, and make ransom demands. As such, cybersecurity must be a top priority for higher education institutions hoping to protect the privacy and security of their students, faculty, staff, alumni, and investments.

Phishing Attacks Flood Higher Education

Phishing attacks are a common hook in the cybercriminal’s tacklebox. By sending malicious links in seemingly legitimate emails, attackers deceive targets into sharing usernames, passwords, or financial information. And if malicious actors capture important information, they often use it for additional attacks—using compromised accounts to send even more legitimate-looking emails across campus.

For example, just last year Duke University suffered a massive phishing campaign. The attack was launched in two phases, first using non-Duke email addresses that encouraged students to share sign-in information to avoid losing account access. Attackers then used these stolen passwords to launch a second wave of attacks from Duke email addresses in hopes of stealing financial information.

Over the past year, phishing attacks against higher education institutions have risen. Brief reprieves sometimes accompany holidays and summer breaks, but once classes resume, attackers ramp up their attempts in hopes of ensnaring staff and students. For example, there was an average of 18.5 phishing attacks per 1,000 mailboxes each week in the first half of 2022. In comparison, the first half of 2023 saw an average 74 phishing attacks per week.

Infographics for Cybersecurity in Higher Ed Blog Attacks per 1 K MB 1

Malware, Ransomware, and Scams Targeting Higher Education

While phishing makes up half of the cyberattacks against higher education, extortion, scams, and malware are still major concerns.

Infographics for Cybersecurity in Higher Ed Blog Proportion of Attacks 1

In 2020, the University of California, San Francisco (UCSF) experienced a ransomware attack that compromised patient records at its School of Medicine. UCSF made the difficult decision to pay a portion of the ransom to unlock the maliciously encrypted data—costing them $1.14 million.

But while the UCSF incident is notable for its high cost, these attacks are fairly common. More recently in June 2023, a malware attack took the digital services at Stephen F. Austin State University offline. Bluefield University in Virginia was hit with ransomware in April of the same year.

Business Email Compromise Takes Aim at Higher Ed

Higher education institutions are also targets for business email compromise or BEC. By impersonating legitimate contacts, attackers use social engineering tactics to steal personal information and redirect financial transactions. Southern Oregon University, for instance, lost $1.9 million in a BEC scheme that tricked employees into a fraudulent transfer in 2017.

BEC attacks have the potential to spiral out of control quickly. In 2019, Oregon State University reported a security incident in which hackers compromised an employee’s email account. From there, the hacker sent phishing emails to students and alumni. Still worse, the compromised account had access to the names, birthdates, and social security numbers of more than 600 students.

Unfortunately, BEC and social engineering attacks could become even more convincing with generative AI. Bad actors can use ChatGPT, Google Bard, and similar tools to research targets and quickly produce high-quality text copy to trick victims.

Protecting Colleges and Universities Against Cyberattacks

Email is a soft target for cyberattackers. It’s a numbers game of sending a slew of malicious emails in hopes that a few succeed, and while faculty/staff may be aware of malicious attacks, students are likely not as security-conscious—making them an easy target for initial entry into the university email system.

Since attackers only need to land an attack to succeed, the pressure is on colleges and universities to combat risks before they become problems. This requires proactive cybersecurity with tools that preempt malicious behavior before it hits your inbox. By understanding and developing an organizational baseline of good behavior, cloud-based email platforms like Abnormal go beyond traditional email security to detect emerging attacks and remediate compromised accounts—before they can be used to gain additional access.

Explore what Abnormal can do for your college or university by downloading our higher education datasheet, or scheduling a demo today!

Schedule a Demo
Protecting Higher Education: Rise of Email Attacks Impacting Students, Faculty, and Staff

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B 1500x1500 MKT468a Open Graph Images for Phishing Subjects Blog
Discover the most engaging phishing email subjects, according to Abnormal data, and how to protect your organization from these scams.
Read More
B Threat Report BEC VEC Blog
Our H1 2024 Email Threat Report revealed significant year-over-year increases in both business email compromise and vendor email compromise. Learn more.
Read More
B 2 7 24 Product Update
Abnormal product enhancements improve detection efficacy, reporting on QR code attacks, productivity, and protection from account takeover.
Read More
B 1500x1500 Quishing Stats Blog 02 05 24
Today we released our H1 2024 Email Threat Report, which examines the threat landscape and dives into the latest evolution in phishing: QR code attacks.
Read More
B 1 30 23 Microsoft ATO
A recent nation-state actor attack by the Russian-backed threat group Midnight Blizzard infiltrated Microsoft. Discover how Abnormal can protect you from account takeovers in real time.
Read More
B Look alike Domain Tactics
Learn 6 common look-alike domain tactics, some of the ways attackers use look-alike domains, and steps you can take to reduce your risk.
Read More