TECHNOLOGY SECURITY ALERT – Active Ransomware Campaign Targeting Education Institutions

Federal Student Aid (FSA) has identified multiple ransomware attacks that lead to denial of access to sensitive data and systems unless a ransom is paid. Ransomware can have a crippling effect on an institution’s ability to operate until the infection is completely remediated. 
What is happening: Multiple schools have reported that attackers are targeting their institutions with ransomware. Phishing attacks have been used to gain access to account credentials that the attackers then use to install and propagate ransomware across a network. Some institutions have lost access to critical systems and data, impacting their ability to operate.
Why schools are vulnerable to this attack:  Schools are an attractive target for criminals looking for privacy information, research data, financial information, and intellectual property.
The IT Help Desk, in accordance with VCCS and NVCC Security protocols, will NOT request personal information, sensitive information, or administer accounts via email. Any scenario involving such information requires a phone call to or from the IT Help Desk. Examples of such information includes Social Security Numbers, Date of Birth, and Passwords. NEVER SEND THIS INFORMATION VIA EMAIL UNDER ANY CIRCUMSTANCES.
NEVER CLICK ON LINKS WITHOUT CONFIRMING THE EMAIL IS LEGITIMATE. Links can be manipulated to show a legitimate website but coded to take you to a different website. If you put your mouse cursor over a link WITHOUT clicking any mouse buttons, it will show you the true website that is coded into that link. This also works for email links.
Here are some things to look for in order to determine if the email is legitimate:
  • Are there any obvious misspellings, random characters, or irregular sentence structures?
  • Is there an attachment within the email that you are not expecting and do not recognize?
  • Is there a link in the email and, if so, do you recognize the web address when you hover your mouse cursor over the link? – DO NOT CLICK ON THE LINK
  • Is there an address in the “from” field and, if so, do you recognize the individual?
  • Was the email sent by an individual not affiliated with the college on behalf of someone at the college?
Malicious email is designed to look as legitimate as possible. It may contain college logos, mention names and addresses similar to what we use here ( instead of, and even come from legitimate email addresses that have been compromised.
If you have any questions or need help determining if an email is legitimate, please contact the IT Help Desk at or by calling 703-426-4141.
IT Help Desk
Tel:  703-426-4141