Fraudbots, ‘Ghost Students’ a Growing Problem for State's Community Colleges

In California community colleges, the ghost students are winning.

Criminals using bots to pose as real students siphoned off $13 million of financial aid over the last year — up 74% from the prior year, when the fraudsters stole $7.5 million of federal Pell Grant and Cal Grant money intended for students. The latest figure is four times the $3.3 million swiped by the fraudbots two years ago, when state officials said they were just setting up security systems.

On Tuesday, state Chancellor Sonya Christian will ask the community college system's Board of Governors to begin charging students a "nominal fee" to pay for stepped-up anti-fraud measures and require extra identity verification steps to enroll in the state's 116 colleges. (Christian's office says the fee would be in the "tens of dollars.")

"Fraudulent application attempts have been increasing over the past two years," according to the recommendation from Christian's office, item 4.4 on the May 20 agenda. "These measures will ensure that the California Community Colleges system remains accessible and available to all potential students."

Financial aid fraud has percolated for years in California and elsewhere. But it has escalated in recent years, alongside artificial intelligence and Americans' pandemic-driven affinity for online education — especially in community colleges, which admit nearly everyone who applies.

It works like this: Criminals using stolen identities and web-crawlers gain admission through the state's online system, CCCApply. Bots that slip past security software then try to register for classes at the college level. If successful there — and if no instructor disenrolls the ghost students after noticing such red flags as consecutive address numbers or fake-looking photos — the bots can generate financial aid applications and disappear once the checks roll in.

The chancellor's proposal to increase security for the state's online application portal coincides with new attention to the fraud from congressional Republicans and state Democrats alike. On April 23, Assembly Member Blanca Rubio, D-Baldwin Park, requested a state audit to identify fraud patterns across California and to better understand what's happening overall.

"The cost to individual districts is enormous," Rubio wrote in her request, noting that every college district deploys IT specialists, admissions and records administrators and many other staff members who spend countless hours wrestling with the problem.

Last month, nine Republican U.S. representatives from California also called for a federal investigation into the problem, declaring that even if Gov. Gavin Newsom's newly revised budget proposal includes cuts, "allowing this rise in fraud to go unaddressed is negligent."

Newsom's proposal, released Wednesday, would increase community college funding by about 1%, leaving the $14 billion budget roughly flat. Yet, the extent to which federal officials can continue their efforts to fight student aid fraud is unclear. The Office of the Inspector General — the law enforcement arm of the U.S. Department of Education — lost 20% of its staff this year in overall downsizing, the office told the San Francisco Chronicle.

California's college officials detected and thwarted fraud in 31.4% of the roughly 2 million community college applications last year, up from 20% in 2023.

"The share is increasing," Chris Ferguson, head of finance at the state chancellor's office, told the Chronicle. He was referring not only to the state's success at catching bots, but also to the attempts to defraud.

It's up to state education officials to try to stop fraudbots from being admitted into the California Community College system in the first place. But many thousands of ghost students bust through those security systems each year and "certainly are making it into the enrollment phase," said Ferguson, who wrote the state recommendations for the new student fee and added security measures.

There, they flood into colleges, crowding out legitimate students with the aim of fooling administrators into approving them for tax-funded grant money.

In Oakland, Eleni Gastis, chair of the Laney College journalism department, can fit 40 students into her popular Survey of Mass Media class and turns away many others. Yet, only about half of those enrolled in the online class are human.

The rest — 17, this semester — are bots under the control of fraudsters aiming to collect some of the billions of dollars in financial aid that flow through community colleges across the country. The challenge for thousands of instructors like Gastis is to identify the ghost students fast enough to disenroll them before grant money is paid out, and soon enough so that real students still have time to take their place before the enrollment deadline.

The bots mainly seek out online classes that are not livestreamed, meaning that students can tune in to hear prerecorded lectures at their convenience without ever showing their face or speaking to an instructor. While that approach makes college more accessible to busy parents and others with atypical schedules, it's also a boon to the faceless fraudbots that rely on fake or stolen identities to mimic legitimate students.

"Now I make students do a video introduction," said Gastis, who was the first instructor in the Peralta Community College District to flag the bot problem, back in 2021. Her new approach can't prevent bots from enrolling. But requiring an on-camera appearance helps Gastis identify the fakes — those who don't make the video — before they can collect financial aid.

"Are all faculty doing this? I don't know," said Gastis, who has become an activist for data transparency and for coordinating prevention efforts across the state rather than the current approach of operating in secrecy to avoid tipping off fraudsters.

Gastis' see-their-faces strategy is similar to that at Calbright College, the state's only all-online community college, which requires its 6,500 students to participate in a Zoom session before enrolling.

"Due to Calbright's student-centered and human-centered enrollment process, we do not encounter non-student or 'bot' enrollments at this time," said Sarah Jimenez, the college's spokesperson.

Most community colleges and the state chancellor's office — which declined to release fraud data about individual college districts — reveal little about prevention efforts, fearing that it would make the problem worse.

Tina Vasconcellos, head of educational services at the Peralta district, which oversees Laney and Merritt colleges in Oakland, and the College of Alameda and Berkeley City College, said the schools "use a combination of internal monitoring, cross-departmental coordination, and collaboration with state and federal agencies to detect and respond to suspicious activity."

But Gastis believes that being more open would help faculty understand what practices work best and allow them to standardize procedures.

Instead, depending on their level of interest, instructors do much of the work on their own, including clearing class rosters of fraudbots and figuring out how to overhaul teaching strategies to uncover the ghosts.

"I take it on willingly because I lose sleep over the thought that a student might not get a class they need" due to bots, Gastis said.

But college culture typically holds that it's up to students to drop out of classes if they want to — and not the faculty's job to kick them out. Many instructors prefer to give students a D or F, even if they don't show up, rather than drop them. That approach perpetuates fraud, however, because once a student is given a grade, administrators are less likely to classify them as a bot, Gastis said.

Yet, she credits Peralta for agreeing to her faculty-backed proposal last fall that gives instructors more time to evaluate their class rosters for fraud.

As for the state's idea to charge students a fee for new security measures, "that's insane," Gastis said. "We're supposed to be about removing barriers and creating access. This is not a way to solve the problem."

© 2025 the San Francisco Chronicle. Distributed by Tribune Content Agency LLC.