Colleges Unmasking Scammers’ Bots Used in Fake Enrollments

Officials with California’s 116-campus community college system say they are seeing a spike in cyberattacks since the pandemic, which they suspect is because the scammers are targeting federal COVID-19 relief grants along with traditional financial aid.

The following article is excerpted from CalMatters.

Bots are filling up community college classes in a likely attempt by scammers to fraudulently access COVID-19 relief grants and other financial aid. At least 10 districts or individual colleges told CalMatters they’ve been affected, and the community college system has announced new security measures to combat the scam.

On the first day of spring term this year, an aeronautics professor came to administrator Laura Hope to share something suspicious: Most of the students in his virtual class weren’t participating at all.

Hope, the head of instruction at Chaffey College, a community college in Southern California’s Inland Empire, dove into the college’s records to find out why.

The shocking answer? These weren’t real students, but scammers likely out to bilk taxpayers of millions of dollars in financial aid. Faculty and staff caught on to the scam before any dollars went out, Hope said. If they hadn’t, about $1.7 million would have landed in the hands of fraudsters.

Chaffey is not the only California community college to report such a scam, according to a CalMatters investigation. Officials with the 116-college system say they are seeing a spike in cyberattacks since the pandemic, which they suspect is because the scammers are targeting federal COVID-19 relief grants along with traditional financial aid. At least 10 districts or individual colleges have told CalMatters they’ve had increases in fake applications, registrations, financial aid filings, or some combination of the three. The Chancellor’s Office estimates that about 20 percent of the traffic coming to the system’s online application portal is from bots and other “malicious” actors.

Bots are filling up classes, in some cases preventing real students from enrolling. And identifying and blocking the fake student accounts is taking up considerable staff time, college officials say. They say the system is being targeted partly because it is open enrollment and does not have an application fee.

“It’s a well-orchestrated, analytically led assault on the weaknesses in our system,” Hope said.

This week, the California Student Aid Commission told the Los Angeles Times it had identified more than 65,000 applications for aid from purported community college students that appear to be fake, lending credence to the idea that scammers are seeking to get their hands on state grants.

And in a memo to colleges last week, the community college system’s interim vice chancellor for digital innovation and infrastructure, Valerie Lundy-Wagner, announced new security measures to combat the threat.

While reports of fraud have increased recently, cyberattacks on the state’s community colleges aren’t new — and the perpetrators don’t necessarily have to be sophisticated hackers.

A quick search on YouTube shows countless videos detailing how to make fraudulent student accounts to get a .edu email address for free or discounted access to software, online shopping and digital music.

In a video from “Targetter,” a YouTuber who appears to be based in India, he walks his 70,000 viewers through the process of obtaining a .edu email using a bot downloadable from his account bio.

“It’s all automated, you don’t need to do anything,” the YouTuber says as code scrolls in a pop-up window. Another pop-up screen provides options to “enroll” at one of four listed California community colleges — Contra Costa College, Mt. San Jacinto College, San Francisco City College and Sacramento City College.

“All I have to do now is just sit back and relax,” he says as the bot populates a Contra Costa College application with fake personal information. Within seven minutes, “Targetter” had enrolled at Contra Costa College as Ivan N. Atkinson for the fall 2020 term.

In a follow-up video, he mentions that the bot is no longer functioning due to security updates to the community colleges’ website, but encourages viewers to make their own changes to the code.

“The thing about this is that it’s not hard to do,” said Nick Merrill, a cybersecurity research fellow at UC Berkeley. “The code is obviously floating around to do this to a handful of colleges.”

The influx of federal emergency aid and the shift to remote learning — which makes it easier for scammers to hide behind a screen rather than appear in person — have made the community college system even more attractive to bad actors, college officials say. That, coupled with college administrators’ desire to get the money out as soon as possible to students walloped by the pandemic’s economic effects, creates a tough balancing act for officials charged with protecting taxpayer money while doling out vital aid.

CalMatters is a nonpartisan, nonprofit journalism venture committed to explaining how California’s state Capitol works and why it matters.