The many types of phishing attacks that pose security threats to schools have been compounded by cloud computing in education as the need for remote access to communications and courseware has risen during the COVID-19 pandemic. They include email phishing, HTTPS phishing, spear phishing (targeted email phishing), whaling (targeted emails impersonating a senior player at an organization), vishing (phone call phishing), smishing (phishing by SMS text), among others.
Using an email or a phone call to get someone to make a change to an account or divulge information is one of the most common types of phishing; criminals direct you to a link to provide sensitive data and instill fear that something awful may happen if you don't act with urgency, which is a red flag. These emails or calls may be in the form of a warning from a government agency. Rather than act immediately, you might consider telling the caller you'll get back to them, and as a good rule of thumb, avoid clicking on a link in an email.
Successful phishing emails may appear professional, as do fake websites. You can spot the latter by their URLs—because they often contain typos—or by branding that looks off, such as company logos that don't have the proper colors. But websites aren't the only things that can be copied to look like the real thing—so can wireless connections. These are more likely to impact a distributed campus than a single high school, as this form of phishing attack can create a free yet fraudulent Wi-Fi access point that allows criminals to see user data. Consider checking to make sure you're connecting to the right free hotspot or otherwise avoid them completely.
The appeal of free Wi-Fi has risen with the adoption of smartphones, which many students have, and it's another vector for security threats to schools. Phishing attacks could be in the form of emails or SMS text messages. Again, it's all about getting users to click on a link they shouldn't; it's best not to click on an SMS link unless you're certain of its origin and the sender.