The Educator Magazine U.K. Jan-April 2023. - Magazine - Page 67
Cyber fraud warning These include:
Ransomware – fraudsters demanded
to academies
£4,000 to give back access to a school’s
Schools and academy trusts have been
warned to be on high alert for cyber
fraudsters following a series of costly
incidents.
Education expert Michaela Johns, Director
of Hampshire accountancy firm HWB,
issued her advice after compiling a list of
cases where schools were targeted.
These include ransomware, hacking,
bank details changed and contracts for
services, with losses running into
thousands.
HWB specialises in working with
academy schools to help them stay on
top of increasingly complex financial
regulations and holds regular seminars
for academy trust governors.
Michaela, who works closely as an
external auditor with academies and
independent schools across Dorset,
Hampshire and Wiltshire, told the latest
academy information seminar:
“Forewarned is forearmed and schools
must remain extremely vigilant to
combat these increasing cyberattacks.
“Highlighting some of the ones that are
hardest to spot will hopefully draw
attention to the devious methods criminals
are now using to defraud our educational
establishments.”
marketing material, website and photos
library – which was not backed up on
its computer system. The school had to
choose between redoing it all again from
scratch or paying the ransom to get the
information released – it paid up. The
school’s trustees’ main worry was that
pictures of school pupils were included
and the reputational damage should it be
known that these had not been protected
would be immense. The finance cost was
galling but not their top worry.
Hacking – the school did not know one
of its employees’ emails had been hacked
and the hacker waited for an opportune
moment to send an email from the
‘employee’ to finance telling them that
they had changed their bank details.
This was actioned without any checks
and the employee’s next salary went to
the hacker. It cost the school up to £3,000
– easy money if a number of schools had
been targeted.
Bank details changed – similar to the
above but less direct. A letter or an email
comes in from a supplier, usually when
major capital works are being carried out
so that the figures will be big. This gets
processed on the system with no external
checks to the supplier. The next payment
or two goes to the fraudster before the
supplier starts chasing for late payment.
Contracts for services – this is likely to be
insider fraud and occurs when there are
budgeted regular payments for, say, boiler
servicing or electrical testing. Fraudulent
invoices purporting to be from the
supplier and fake bank details are
received by the school which would
be unaware of any fraud. As well as the
fraud itself, this leads to both health and
safety and reputational risks as the
necessary work is not being carried out.
This one had been happening for three
years and was only picked up with a
change of personnel.
Michaela added: “Such is the scale of the
problem that the Government’s Education
and Skills Funding Agency (ESFA) now
demands that all ransom demands are
reported.
“Schools should make sure they have
a plan in place in case the worst does
happen – this includes reporting details
to Action Fraud, the UK's national
reporting centre for fraud and cybercrime,
the ESFA and the school’s own auditors.”
There are 24,413 schools in England and
currently 1,170 multi academy trusts
that manage at least two schools. Not all
schools are part of an academy trust.
Chartered accountants HWB provides
business and tax advice from its
headquarters in Chandler’s Ford, near
Southampton and offers a free resource
to academies – a 10 point checklist guide
to reducing fraud.
FRAUD
WARNING
!