Phishing attacks on schools are no longer opportunistic. They're systematic, sophisticated, and costly. This session presents new research findings from iSAMS on the impact of these attacks and examines how fraudsters impersonate staff, intercept communications, and exploit weaknesses in payment processes to steal from school communities. Aimed at bursars, finance directors, business managers, senior leaders, and IT officers across primary, secondary, and K-12 schools, attendees will learn how to assess their school's vulnerability, recognise early warning signs of fraud, and implement immediate protective measures. The session also explores how automated payment systems reduce fraud exposure and how to communicate security risks to parents without causing alarm.