Scheme swindles students
Scammers using email attack to gain access to financial aid refunds
Malicious attackers have recently tried to gain access to students’ financial aid refunds at multiple colleges in a scheme that involves sending fraudulent emails to students, according to a warning issued by the Education Department.
The target is federal student aid refunds, money distributed to students after tuition and other education costs are paid.
The U.S. Education Department’s Office of Federal Student Aid received multiple reports from colleges and universities about the phishing campaign targeting student email accounts, a department spokesman said on background. Authorities declined to identify the schools that reported the attacks.
The attacks begin with a phishing email sent through a college’s password-protected website for students, department officials wrote. It is an email intended to fraudulently extract personal information.
The nature of the emails suggests the attackers have done research to understand the school’s communication methods, and the attacks are successful because students provide the information requested by the rogue operations, the department warned.
The money is what’s left over after students have used aid to cover tuition, room and board. A student, for example, might be eligible to receive $25,000 in federal student aid, which is transferred electronically from the Education Department to a university.
If a student had $4,000 remaining, the university would typically transfer that balance to the student, offering several ways to receive the money, including a debit card or an electronic deposit to a bank account. It is those electronic deposits that are vulnerable.