View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 2, 2020

“Back to School”: 3,000+ Suspicious Domains Registered

Hey kids, escalate privileges with the function learn_press_accept_become_a_teacher

By claudia glover

Back to school? Your searches are fodder for phishers, with researchers at security firm Check Point saying it has seen the number of suspicious domains registered with “back to school” as a key word tripling in recent weeks, with some 356 suspicious “back to school”-themed domains coming online weekly. 

Over 35,149 new domains were registered around the back-to-school theme in the past three months; 3,401 were found to be suspicious

The finding comes after the same team exposed a series of vulnerabilities in popular home learning platforms, including one in the LearnPress plugin for WordPress, which let students use the feature learn_press_accept_become_a_teacher to upgrade a registered user to a teacher role, resulting in privilege escalation.

The researchers were auditing the most popular educational plugins on WordPress; LearnPress, LearnDash and LifterLMS, and found four vulnerabilities that, left unchecked, would allow students or unauthenticated users to gain sensitive information, edit personal records and even take control of the LMS platforms. 

In the climate of learning from home via online resources the risks from poor online cyber hygiene are worrying, as neither pupils nor students are receiving the appropriate training to detect or avoid these sorts of online dangers. 

A study conducted last month by ESET and Internet Matters meanwhile, and released by the NCSC, revealed that of 1,000 teachers, more than half felt that their school has not done enough to defend themselves against cyber security threats; 36% said that they had not received any cyber security information from their schools in the past year, while a meagre 20% actually received targeted cyber training after lock down began. 

Don’t Leave Before You’ve Read This: Why Musk’s “Bionic Pig” Represents an “Uncomfortable Dialectic”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.