Student fees are a large part of university and private schooling systems. With the average student paying over £9000 a year on their education, disregarding the additional costs of living arrangements paid into a singular faculty connected account, and with over 2.3 million student in the UK alone at university, the financial gain of targeting university systems and the financial third parties associated, is fruitful.

The majority of payments are made in lump sums, via university online portals. If a bad actor can infiltrate this portal or create a phishing campaign to trick the user into sending the money to the wrong account, the benefits are huge.

The larger the attack surface, the more likely the investment of time and resources into an attack will be fruitful. In the UK alone, there are over 2.3 million students in education, and just under half a million staff in higher education. With such a large attack surface, realistically there has to be a weak link somewhere.

More info: Why Have You Changed Jobs So Frequently