DNSFilter Data Reveals Pervasive Back-to-School Scams

Protective DNS firm uncovers spikes in malicious traffic leading up to the start of every school year

WASHINGTON, D.C. – Aug. 26, 2025 – Malicious actors are making the most of the new school year with scams aimed at students, institutions, faculty and staff. Data from DNSFilter reveals spikes in specific threat types as students return to class. 

Key statistics and insights from DNSFilter’s research find that educational institutions should be prepared to see the following:

Targeted Textbook Scams

• A textbook financing scam site snagged 3,000+ search queries in just 11 days last August. While that domain has since been taken down, similar fake textbook offers continue to crop up.
  
  
• Experts anticipate another surge in textbook scams with the new school year targeting college students.

 Impersonating School Sites

• One campaign used multiple domains to impersonate a school CDN (content delivery network). All domains were registered on the same day, likely to appear legitimate or as though it might be a domain registered by the school.
  
  
• Researchers observed increased scam traffic to school-related sites between August-September (start of school year) and December-January (winter break).

Cell Phone Bans May Increase Filter Bypass Attempts

• States across the US have implemented cell phone bans in schools. DNSFilter researchers expect that students will start to leverage school devices for activities usually reserved for personal devices, which would require bypassing school filtering to access gaming, social media, or online forums that might be blocked by schools.
  
  
• Filter avoidance traffic to DNSFilter resolvers has increased year over year in Texas (by 15%), New York (by 57%), and Florida (by 70%)—all states that have implemented bans.

At the start of a new school year, students and staff are given new logins and devices, creating a new security risk for schools to consider. Protective DNS helps education institutions filter out malicious domains before connections are made, stopping threats like phishing, malware and  and even filter bypass attempts at the source.

Ken Carnesi, CEO and co-founder, DNSFilter, said: “At a time that should be full of excitement, our data shows that schools and those they serve must be extra vigilant to avoid getting scammed by criminal opportunists. It’s our goal to make it as difficult as possible for scammers to succeed.”

About the company:

DNSFilter is a cybersecurity company that protects every click, leveraging AI-driven content filtering and threat protection to block threats 10 days earlier than competitors. DNSFilter’s solution secures workers anywhere they are, helping to boost productivity, minimize compliance risk, and protect corporate brands on public Wi-Fi networks. Unlike traditional filtering solutions, DNSFilter deploys in minutes instead of days and is trusted by more than 43,000 organizations worldwide. Learn more about how DNSFilter is the first and last line of defense for corporate and hybrid networks at dnsfilter.com.

Media Contact

Shannon Van Every

Force4 Technology Communications

Shannon@force4.co