Criminals target A-level results day with fake university courses

Security experts have warned that criminals may be looking to target prospective university students with a number of online scams.

With thousands of students receiving their A-level results today, kicking off the university application process, scammers are targeting those going through the clearing system with phishing scams aimed at tricking applicants into clicking on malware-laden links and giving away their personal details.

Security firm Forcepoint has told ITProPortal how criminals are setting up websites that resemble those of legitimate higher-education institutions, only with the inclusion of cut-price courses that cost far less than typical universities would charge.

However, choosing to sign up for these courses, via clicking on an application link, leaves the victim at risk of having the personal details they enter, including any payment information such as credit card numbers, stolen and sold on by the scammers.

Along with UK applicants, foreign students are also being tricked by the scams, as they may not be aware of the wider higher education scene here, or what institutions are legitimate, as the criminals roll out tried-and-tested social engineering tactics to lure in victims.

Many of the fake sites are often just adding "New" to the name of an existing university to try and trick applicants, or use typosquatting tactics that make an email or web domain look legitimate by being nearly accurate to mimic an official email.

"This is not a new threat...but it's just so timely," Carl Leonard, principal security analyst at Forcepoint, told ITProPortal. "The criminals are aware of the behaviour patterns of audience groups at certain times... students are making big life decisions here, often within a short amount of time, they might have had a plan, and then not been able to get into their chosen university, and have to rethink, and perhaps their guard is let down."

The scams are similar to the burst of malicious activity that occur every year around the April 1st tax return submission date, and those that appear whenever an election is upcoming, showing that criminals are checking the calendar to identify certain spikes of activity that they can hijack with new scams.

Forcepoint is now working with several universities to promote awareness of the scams ahead of the opening of the clearing process, which can take several weeks.

“Scams of this nature have the potential to trick stressed UK-based students, but could also catch out international students who are seeking courses in the UK," said Frank Jeffs, post-graduate researcher and former head of advertising at Middlesex University.

"In my experience, scammers use well-known university names such as Oxford or Cambridge and create fake institutions which sound very similar. Designed to look realistic and offering qualifications at a low price or attempting to capture personal information, this social engineering trick could easily catch out international students or people who might not have the local knowledge of the official educational establishment names.”

Forcepoint is now urging applicants to access university websites through the official UCAS homepage, rather than clicking on links in emails they receive. Students should also be wary of 'lure lines' such as major fee discounts, or a surfeit of places mysteriously becoming available at prestigious institutions.

Students should also always ensure their internet security provisions are updated and running, and to stay aware of any potential risks. As Leonard notes, "Broadly, if a university or college offer appears too good to be true, it probably is.”