Update - Schools receive phishing emails posing as headteachers

Following on from our blog last month about schools receiving Vishing (‘Voice phishing’) phone calls from fraudsters posing as ‘Department of Education’ officials, please be aware that school staff are receiving phishing emails posing as headteachers that request payment transfers.

What activity has been reported?

• A member of staff (such as the School Business Manager) receives an email from 'headteachername', at a domain not related to the school email address, such as icloud.com
• The email asks the member of staff their availability to make a payment
• The member of staff then shortly receives an email from a different domain asking that they transfer a sum of money to a new bank account number and sort code provided

What should schools do?

• Be vigilant about emails from unknown sources that request payments
• Only share email addresses with trusted sources
• Do not open any files attached to an email unless you know what it is
• Update your anti-virus software regularly
• Be prepared. Backup school files offsite on a regular basis

For more information, please see our previous guidance on phishing email scams.

---

If you are concerned that you have been targeted by fraudulent emails, please call us on 0345 222 1551 • Option 1 (existing ICT customers) or 0345 222 1551 • Option 5 (non-ICT customers).