Universities Put Email Users at Cyber Risk

Top U.S. universities are among the worst in the world at protecting users from email fraud, lacking security measures to prevent common threat tactics such as domain spoofing or other types of fraudulent emails, researchers have found. Ninety-seven percent of the top 10 universities in the United States, the United Kingdom and Australia are subjecting students, staff and administration to higher risks of email-based impersonation and other attacks because their systems lack basic security, according to new research from Proofpoint revealed Tuesday. Moreover, U.S. institutions are the worst offenders of the bunch, with some of the poorest levels of cybersecurity protection, researchers found. The news is troubling, especially as email remains the most common vector for security compromises across all industries, observed Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint, in a statement. Further, the frequency, sophistication, and cost of cyber attacks against universities has increased over the last years, he said. “It’s the combination of these factors that make it especially concerning that the premier universities in the U.S. are currently the most vulnerable to attack,” Kalember noted. Indeed, universities and other institutions of higher education store “masses of sensitive personal and financial data, perhaps more so than any industry outside healthcare,” he said. This, unfortunately, makes them a top target for cybercriminals, who…