Johannesburg — ACADEMICS must be careful when online following the detection of multiple cyber attacks hitting at least 131 universities in 16 countries, including South Africa, over the past year.
This is according to a global cyber security company as several well-known universities have experienced at least one phishing attack during the period.
These attempts to steal sensitive university information have culminated in some 1 000 phishing attacks since September 2017.
Fraudsters are hunting for credentials of employees and students, their internet protocol (IP) addresses and location data.
It has emerged in most cases, they create a web page for entering login and password to universities digital systems, visibly identical to the authentic one.
Kaspersky Lab established even though universities were attentive to their IT security, attackers find ways to breach theirs systems by targeting the weakest link- inattentive users.
In most scenarios threat actors created a web-page that appeared to be identical to the website of the university, yet differed from it with a few letters in the web address. Usually, victims are quite likely to fall into the trap and enter their credentials sending their sensitive information to phishers, especially if proper social engineering methods are used.
Nadezhda Demidova, security researcher at Kaspersky Lab, said the number of targeted entities was worrying.
Apparently, education was becoming a hot topic among the cybercriminals, the expert said.
"University staff need to consider that each of their employees and students can become a weak link and provide criminals with access to their systems and be proactive in taking necessary security measures," Demidova encouraged.