Protecting staff and sensitive school information is the goal of a new software program School District 43 is planning to buy to foil phishing scams.
The name of the program and the cost have yet to be revealed as SD43 is still in negotiations with the provider. But the aim of the software is to to help its employees identify phishing emails so they don’t get scammed by them.
“We’re training our staff on the telltale signs that we’ve been seeing,” said Stephen Whiffin, the district’s director of instruction, who spoke to The Tri-City News while he was attending a technology conference in Richmond.
Like many organizations dealing with large amounts of personal data, SD43 has to fight back against hackers seeking to steal sensitive information or wreak havoc on computer networks. Every day, SD43 gets between 25,000 and 50,000 malicious emails, and although a robust security system filters out most of them, a few sometimes get through that could put the district or the staff person at risk if acted upon.
“We’ve had issues with both spam and malware-related spam for some time,” Whiffin said, noting that while proactive efforts have kept these infiltrators at bay, constant vigilance, training and security updates are needed to stay ahead of the hackers.
“What we’re seeing now is that the tools the hackers use are increasingly sophisticated, which is making the malware they are creating harder to block, harder to identify the signature and potentially more realistic. We think it’s proactive to give the most modern training to reduce the likelihood there will be issues.”
The software will send out emails that look like a phishing scam and if a staff member falls for one of them, it will let them know and recommend a five-minute training video on how to identify malicious emails.
Whiffin said phishing emails directed at the school district can look authentic because bots scrape information from the SD43 website and use it in the email — usually with an urgent request for the receiver to take action. They often look like they’ve been sent by someone in authority, another SD43 colleague or department, and may even refer to a specific event.
In fact, they are just a ruse to get a password, credit card details or the redemption code from a gift card the email recipient is asked to purchase.
The phishing email can sometimes look nonsensical but is still real enough to fool someone, even a teacher, and while the software won’t be used on students, Whiffin said young people are already being taught to be vigilant about phishing scams and how to stay safe online as part of the district’s digital citizen curriculum.
“Our staff are well versed you don’t go out and buy things based on an email. But the technology that supports the malware is only getting more sophisticated, if we are going to be proactive we need the latest tools.”
In the spring, Coquitlam RCMP issued a warning to people to beware of an email tax scam that offered a refund in exchange for personal information, saying it was just one of a number of fraudulent schemes circulating at the time.
