Most colleges and universities use phishing protection but don't have it configured for maximum safety, according to a recent survey.

The attacks used false university domains and focused on credential harvesting and financial theft.

More than half of the emails sent in the campaign, which use a 15-year-old piece of malware called Hupigon, targeted universities.

Fraudulent emails claiming to have important information on the current health crisis is installing malware and stealing log-in credentials from universities.

Email addresses, home addresses, phone numbers and Social Security numbers were exposed in a phishing campaign that fooled about 20 employees.

Manor Independent School District, which disclosed the theft last week, says it's following several "strong leads" alongside the FBI and local police.

Inside cultures that are designed to be collaborative and open, IT leaders are struggling to corral their users and educate faculty on network risks.

Phishing emails to employees at several school districts in Monterey County, California, have exposed Social Security numbers and medical records.

A new piece of software is allowing the school's security analysts to catch compromised accounts automatically — before they hit the black market.

Training will shift away from basics like password safety and toward modern cyberthreats, says Central Utah Educational Services director.