Identity Automation, the digital identity platform for education, and PIXM, a computer vision cybersecurity startup, today announced the release of a report that illustrates the prevalence of student-targeted phishing attacks in K-12 and outlines the anatomy of such hacking attempts. The full report is available for download here.
Examining threat data from a 30-day period in a U.S. school district, experts at Identity Automation and PIXM uncovered more than 73 malicious sites that where clicked on by students and staff, including new phishing attacks and dangerous proxy services specifically targeting students – all in an attempt to gain highly-valuable Personal Identifiable Information (PII).
Most districts are rightfully focused on preventing account takeovers leading to ransomware attacks, but those that target PII and leave students and districts unaware are also causing ever-increasing headaches for notable swaths of the country's communities.
"The reasons cybercriminals find K-12 environments so appealing is clear – they include huge numbers of students with 'blank slate' credit histories and potentially easily obtainable PII to go along with it," said Jim Harold, CEO at Identity Automation. "When attackers take time to customize their attacks and appear like school-related content, you know they find it worth their time. This Identity Automation-PIXM report provides an excellent opportunity for school leaders to see what attacks actually look like, learn the tactics criminals are using, and recommendations to fight them."
"We're pleased to work with Identity Automation to spotlight this increased targeting of student information for purposes of large-scale theft," said Chris Cleveland, Founder and CEO of PIXM. "PIXM sees these types of threat reports as an important tool for keeping awareness of high surrounding potentially dangerous phishing attacks involving some of our most vulnerable citizens."
Quickly deployed web applications, proxy aware connections, URL cloaking, tab cloaking and multi-factor authentication (MFA) gaps help attackers circumvent detection and content filters entirely. In June of 2022, Identity Automation announced its partnership with PIXM to launch PhishID, a powerful anti-phishing solution integrated into Identity Automation's RapidIdentity IAM platform offered specifically to thwart these types of K-12 attacks. For more information, contact Identity Automation here.
