Back-to-School Alert: Kaspersky Warns of Phishing Attacks via Fake University Login Pages
As the new academic year kicks off, global cybersecurity company Kaspersky has uncovered a surge in phishing campaigns targeting universities and colleges. Attackers are creating fake login pages that mimic official university portals, tricking students and professors into disclosing their credentials.
According to Kaspersky, links to these fraudulent sites are being distributed through emails or appear in search results for academic login systems. Once credentials are entered, cybercriminals can gain access to sensitive data including personal details, academic records, and financial information. They may also change account passwords, locking victims out of critical services such as email, course materials, or payment systems. Compromised accounts can then be exploited to spread phishing emails further within university networks.
“Colleges and universities are vulnerable due to their reliance on digital platforms and the high volume of users accessing systems during the back-to-school rush,” said Olga Altukhova, Senior Web Content Analyst at Kaspersky. “These fake login portals can appear convincing, exploiting the trust that students and professors place in their university systems. We urge the academic community to double-check web addresses before entering their credentials.”
Kaspersky’s Recommendations for Staying Safe:
Enable multi-factor authentication (MFA): Add an extra layer of security and use a reliable password manager.
Install a trusted security solution: For comprehensive protection against a wide range of threats, such as Kaspersky Premium.
Be skeptical of suspicious offers: Avoid deals that seem too good to be true, especially if they request payment or personal details upfront.
Verify the source: Research scholarships, giveaways, or offers, and confirm legitimacy before engaging.
Protect sensitive information: Share personal data only on verified platforms.
Use trusted websites: Stick to official school portals and recognized services when making payments or providing personal information.