Fraudsters are posing [as] government officials in order to trick people into installing ransomware which encrypts files on victim’s computers [by] …cold calling education establishments claiming to be from the “Department of Education”. They then ask to be given the personal email and/or phone number of the head teacher/financial administrator.*
They claim that they need to email guidance to the person in authority because of sensitive comment. However, the attachment contains ransomware.
* Contains public sector information licensed under the Open Government Licence v3.0.
Commentary by Graham Cluley for BitDefender: Schools warned about cold-calling ransomware attacks