EL PASO, Texas (KTSM) — As many schools and universities extend online learning for the Fall semester, the FBI warns parents to beware of potential cyber attacks.
“With school returning, the use of teleconference applications are going to be on the rise,” said Tomas Armendariz, a computer scientist with the FBI’s El Paso Division.
“There are some threats that were present several months ago when this first happened with COVID-19,” he said, “and these threats are going to still be around as people return to class.”
According to Armendariz, email phishing presents one of the biggest online threats for students returning to classes virtually.
The FBI says it’s important for parents to talk with teachers about how meeting requests will be sent to students because hackers use creative techniques to access a person’s information online.
Cybercriminals spoof email addresses that resemble one that might come from a school district to trick the parent or student to click on what they think is a link to download a teleconferencing app, but is in fact malicious.
“At that moment, if you provide your login credentials, it can potentially give access to personal data to the cyber actor,” Armendariz said.
The FBI suggests avoiding posting links to teleconferences on public posts on social media, which can leave meeting attendees vulnerable to cybercrime and “Zoom bombing.”
Another way cybercriminals are capitalizing on online learning is by creating fake apps disguised as learning tools.
Some calculator apps, for example, contain malicious software that can be used to obtain data and other personal information from a user’s device.
Armendariz said there are several red flags parents can look out for to prevent downloading malicious applications.
“The most important one is to download from the Google Play store if you’re using Android, or the App Store if you’re using an Apple product,” he said.
Another measure parents can take is to read the app’s reviews thoroughly, as well as the terms and conditions.
Apps with a small number of reviews may be indicative of a malicious application that slipped through app store security vetting processes, and negative reviews should serve as a warning to potential users.
Once apps are installed, parents are encouraged to consider the amount of access given to the app, such as permission to access a user’s microphone, camera, or location.
“If you’re downloading something like a calculator app or a gaming app, and you really don’t want that app to have access to all those items, then you should probably not download it,” Armendariz said.
Armendariz said to beware of an app such as a calculator or flashlight app that uses a lot of data and apps that drain the device’s battery.
“An app like that shouldn’t be consuming data and is probably an indicator of things going on behind the scenes, even when you’re not using them,” said Armendariz. “It could be harvesting your information; it could be sending it to the attacker, so that’s why the data will spike for those particular apps.”
Companies are working to combat these sorts of cyberattacks — one method is by developing an indicator that notifies users if an app is using their voice or accessing camera features on their devices.
The recording indicator is part of Apple’s upcoming iOS 14, and will also require more transparency from app developers regarding the information being requested to access.
Armendariz said the feature will display an orange dot in the upper right corner of an app to indicate the application is accessing certain features.
Despite the precautions that can be taken to protect one’s information online, Armendariz stressed that no one is immune to cyberattacks, and encourages people to report cybercrime to the FBI’s Internet Complaint Center.
To learn more about how to stay safe online during virtual learning, you can access the FBI’s page on Protecting Your Kids.