, after a wave of incidents where fraudsters attempted to trickAttack.Phishingeducational establishments into opening dangerous email attachments . What makes the attacksAttack.Phishingunusual , however , is just how the attackers trickedAttack.Phishingusers into clicking on the malware-infected attachments . As Action Fraud warns , confidence tricksters are phoning up schools and colleges pretending to beAttack.Phishingfrom the “ Department of Education ” . The fraudsters request the email or phone number of the institution ’ s head teacher or financial administrator claiming they need to sendAttack.Phishingguidance forms to the individual directly , as they contain sensitive information . The emails , however , have a .ZIP file attached , which often contains a boobytrapped Word document or Excel spreadsheet which initiates the ransomware infection . According to reports , up to £8,000 can be demandedAttack.Ransomfor the safe decryption of files on the victims ’ computers . That is , of course , money that few schools can afford to spend . Similar scams have posed as beingAttack.Phishingfrom telecoms providers claiming to need to speak to the head teacher about “ internet systems ” or the Department of Work and Pensions . In all cases the chances of the attack succeeding are increased by the fact that it is prefaced by a phone call . We ’ re all very used to receiving suspicious emails in our inbox , but may be caught off guard if it is accompanied by an official-sounding phone call . Action Fraud ’ s warning indicates that there are considerable amounts of money to be made by online criminals through ransomware attacksAttack.Ransom. If there weren ’ t , they wouldn ’ t be prepared to go to such extreme efforts ( such as making bogus phone calls ) to increase the likelihood that their poisoned email attachments will be opened . More money can typically be extortedAttack.Ransomfrom an organisation than an individual , with some corporations having paid outAttack.Ransomhuge sums to blackmailers after having their data locked away through a ransomware attackAttack.Ransom.