Back to school? Your searches are fodder for phishers, with researchers at security firm Check Point saying it has seen the number of suspicious domains registered with “back to school” as a key word tripling in recent weeks, with some 356 suspicious “back to school”-themed domains coming online weekly.
Over 35,149 new domains were registered around the back-to-school theme in the past three months; 3,401 were found to be suspicious
The finding comes after the same team exposed a series of vulnerabilities in popular home learning platforms, including one in the LearnPress plugin for WordPress, which let students use the feature
learn_press_accept_become_a_teacher to upgrade a registered user to a teacher role, resulting in privilege escalation.
The researchers were auditing the most popular educational plugins on WordPress; LearnPress, LearnDash and LifterLMS, and found four vulnerabilities that, left unchecked, would allow students or unauthenticated users to gain sensitive information, edit personal records and even take control of the LMS platforms.