As the international back-to-school season starts, Kaspersky has warned that cybercriminals are exploiting academic topics with sophisticated phishing campaigns to specifically target the theft of personal data from students, educators, and administrators.

Fraudsters are increasingly leveraging data collection forms on platforms like SurveyHeart.com – a questionnaire like Google Forms – to carry out scams.

In one such scheme – a phishing attack that targets students at Neumann University in the US – victims receive a notification claiming they are using two different Microsoft school emails across various university portals. To prevent their Office 365 account from being deactivated, they are asked to complete a survey requiring sensitive details such as their name, phone number, university email, and account password.

Another scam uncovered by Kaspersky experts involves fraudsters creating fake giveaways that promise students a chance to win various high-end gadgets useful for education – from iPhones to iPads and laptops. To enter these enticing contests, victims are asked to provide personal information and indicate their preferred laptop model.

Additionally, individuals are prompted to share a link to a prize-draw page with 15 contacts via WhatsApp. While the prospect of winning a valuable item like a laptop is the lure, there’s a hidden catch: the so-called winners are told they must pay for the delivery of their prizes. This demand for additional payment is a clear red flag that the giveaway is a scam.

The offer may seem tempting, but the combination of an unusually generous prize and the requirement to cover delivery costs is a telltale sign of fraudulent activity.

“These scams go beyond immediate data theft and could lead to more serious, long-term consequences,” cautions Olga Svistunova, a security expert at Kaspersky. “If attackers gain access to private school information such as class schedules it could be exploited for doxing, stalking, cyberbullying, or even identity theft.

“It’s essential for students to be vigilant and cautious when responding to such suspicious notifications,” Svistunova adds.