View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 2, 2020

“Back to School”: 3,000+ Suspicious Domains Registered

Hey kids, escalate privileges with the function learn_press_accept_become_a_teacher

By claudia glover

Back to school? Your searches are fodder for phishers, with researchers at security firm Check Point saying it has seen the number of suspicious domains registered with “back to school” as a key word tripling in recent weeks, with some 356 suspicious “back to school”-themed domains coming online weekly. 

Over 35,149 new domains were registered around the back-to-school theme in the past three months; 3,401 were found to be suspicious

The finding comes after the same team exposed a series of vulnerabilities in popular home learning platforms, including one in the LearnPress plugin for WordPress, which let students use the feature learn_press_accept_become_a_teacher to upgrade a registered user to a teacher role, resulting in privilege escalation.

The researchers were auditing the most popular educational plugins on WordPress; LearnPress, LearnDash and LifterLMS, and found four vulnerabilities that, left unchecked, would allow students or unauthenticated users to gain sensitive information, edit personal records and even take control of the LMS platforms. 

In the climate of learning from home via online resources the risks from poor online cyber hygiene are worrying, as neither pupils nor students are receiving the appropriate training to detect or avoid these sorts of online dangers. 

A study conducted last month by ESET and Internet Matters meanwhile, and released by the NCSC, revealed that of 1,000 teachers, more than half felt that their school has not done enough to defend themselves against cyber security threats; 36% said that they had not received any cyber security information from their schools in the past year, while a meagre 20% actually received targeted cyber training after lock down began. 

Don’t Leave Before You’ve Read This: Why Musk’s “Bionic Pig” Represents an “Uncomfortable Dialectic”

Content from our partners
Why all businesses must democratise data analytics
How start-ups can take the next step towards scaling up
Unlocking the value of artificial intelligence and machine learning

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy