Why you shouldn’t open emails until you read this post

Schools are facing an epidemic of email phishing scams and need to know what to do. The information below should be read by your Data Protection Lead/DPO and your IT Support, and it is advised that Senior Leadership are fully informed. The emails may look like this:

Here’s what to do: 

  1. Identify whether your school is protected. The Association of Network Managers in Education has provided advice about this.
  2. Identify which accounts have been affected and warn staff not to click on links they are not sure about. Get them to speak to the DP Lead/DPO, not just the IT Support staff/provider.
  3. Log the breach in your GDPR in Schools portal and remember to update it with commentary on actions and findings.
  4. If you are using the DPOiS service, let us know immediately if you have received suspicious emails – we’ll take it from there.
  5. Speak to your email and/or broadband provider, as they may have already taken action or be able to help in your investigation.
  6. Check compromised accounts for any issues relating to other systems/services. Also warn affected staff to change the password on any personal account (personal shopping, etc.) where they re-use the compromised password.
  7. Check whether any personal data is affected and determine whether you need to report to the ICO.
  8. Ensure that your registration with the ICO is up to date, that you have registered your DPO, and that their details appear in your Privacy Notice.
  9. Don’t panic. Even the best of us are affected by phishing scams, which are getting harder to spot by the day. Review the NCSC guidance.
  10. Review our guidance in more detail, with links to additional resources and advice.