Three ways to protect your school from a cyber-attack

Think before you click

Phishing emails are the number one way schools get attacked - and they're getting harder to spot. AI means attackers can now send emails with perfect grammar, your name, and school-specific context. The habit that protects you is simple: slow down.

Before opening any link or attachment, ask yourself:

• Was I expecting this?
• Do I recognise the sender's address - not just their name?
• Are they asking for something they should already have, like a password or login?
• Is there a sense of urgency pushing you to act fast?

If something feels off, it probably is. Go directly to the organisation's website rather than clicking any link, and contact your IT team if you're unsure. No question is too small.

Shut down your device at the end of the day

Software updates exist for a reason - they patch the vulnerabilities attackers exploit. If your computer never fully shuts down, those updates don't always install. A daily shutdown takes seconds and keeps your device protected. If an update prompt appears when you switch back on, action it as soon as you can.

Delete software and apps you no longer use

When a supplier stops updating an app, it becomes a door attackers can walk through. Outdated apps on your phone or laptop are a known target. Take five minutes every term to check for apps you haven't used in a while, or that haven't been updated - and delete them.

We have a ton of resources available to all schools for free to help improve your cybersecurity posture!