As summer ends and the back-to-school season begins, K-12 tech leaders face many cybersecurity and safety challenges. To help smooth the transition to a secure start to the 2024-2025 school year, we recently hosted a webinar featuring Samuel Hoch, Technology Director at Catoosa Public Schools, and Robert Batson, Technology Director at Tahlequah Public Schools.
In this webinar, Samuel and Robert shared their best practices and proactive strategies for addressing the cybersecurity concerns of the upcoming school year, stressing the most about phishing and malware threat protection. You can watch the full webinar recording here.
![[FREE] Google Workspace and/or Microsoft 365 Security & Safety Audit. Learn More & Claim ></noscript>>”></a></span><script type=](https://no-cache.hubspot.com/cta/default/6834707/25278544-250d-4265-b25f-0c160bf67707.png)
Phishing is the number one way cyber criminals infiltrate school user accounts. These attacks often target end users during vulnerable times, such as school breaks and the start of the new school year in the fall. As threat actors become more strategic in timing, phishing attacks are becoming increasingly difficult to detect.
With over 3.4 billion phishing emails sent worldwide daily, Robert shares the importance of training students and staff to avoid clicking on emails from outside your domain. Adding external recipient warnings to your Google and Microsoft admin consoles is a good starting point. While these warnings won’t stop phishing links from entering your systems, they can alert users to emails from unknown senders.
Another effective training method is encouraging students and staff to forward any emails with suspicious links to the IT department. Sam shares that this helps train end users to be alert and ensures trained professionals can review and assess the emails for threats.
“Some of the biggest threats I see from students are phishing attempts. There are so many phishing emails. Almost daily, the staff forwards me bold phishing email attempts that ask them to update their bank account information.”
Samuel Hoch,
Technology Director at Catoosa Public Schools
Phishing links are becoming more sophisticated, with some even bypassing multifactor authentication (MFA). Robert shared a recent incident at Tahlequah Public Schools where a threat actor bypassed MFA without the user entering credentials. His team’s investigation into how this was done is still ongoing.
“We recently had an incident where someone clicked on a link from an email from outside our domain. What was interesting about this attack was that when the link was clicked on, the threat actor could log into that account and bypass MFA. We still need to figure out how that was done because the user did not put in any credentials.”
Robert Batson,
Technology Director at Tahlequah Public Schools
Here are a few tips on how to prevent MFA bypass in your district:
- Implement strong passwords
- Change passwords regularly
- Never reuse old passwords
- Never use the same password across multiple accounts
- Create passwords with complexity and character standards
- Implement security awareness training
- Audit your Google and/or Microsoft 365 domains
“We use Cloud Monitor to find and disable any compromised accounts. We can mitigate this quickly which is the great thing about ManagedMethods’ cloud security.”
Robert Batson,
Technology Director at Tahlequah Public Schools
Cloud Monitor’s Advanced Threat Protection for School Districts
Cloud Monitor by ManagedMethods is specifically designed to protect K-12 schools from cyber threats. It can scan both internal and external emails for phishing and malware threats in the message body, attachments, and links. Through automation, you can also quarantine or delete phishing emails and files containing malware in near real-time.
Phishing and malware can also lead to account takeovers, which are notoriously difficult to detect in cloud applications and can expose sensitive data. Cloud Monitor can easily detect behavior that indicates an account takeover attack is underway, such as multiple unsuccessful logins, logins from foreign locations, and failed multifactor authentication checks.
If you’d like to see Cloud Monitor’s phishing and malware threat protection in action, you can schedule a free cybersecurity and safety audit with ManagedMethods to kick-start your cybersecurity journey today.
