Those carrying student loan debt weren’t the only ones anticipating President Biden’s Student Debt Relief plan—within minutes of the student loan announcement, my phone rang with a scammer conveniently offering me quick access to the “loan forgiveness program."
I didn’t stay on the line long enough to hear what they wanted and knew that it was a scam thanks to the warning from my phone filter. So why did I answer?
Curiosity. I wanted to see if scammers would really be that quick to the draw with a student loan forgiveness campaign.
Since then, multiple reports have come out about fraudulent calls and emails using the Student Debt Relief plan as their latest coat of paint. In fact, many of the scams are hybrid vishing campaigns discussed in my previous article Callback Phishing Attacks Increase 625% in Q2 2022.
As the screenshot below shows, these campaigns start with an email or voicemail offering a callback number to discuss an issue—in this case, student loan forgiveness prequalification. If called, the caller is connected with a threat actor who will use social engineering tactics to obtain sensitive information or remote access to their network.
Photo: Antoinette Palmieri
Other fraudulent communications include offers for early program opt-in, program eligibility verification and the student loan payment freeze deadline.
With the sharp increase in student loan forgiveness scams, the Federal Trade Commission (FTC) has released a Consumer Alert outlining the popular scams and best practices. The alert is available here and the FTC recommends reporting any fraudulent communications to ReportFraud.ftc.gov.
The fact that scammers are using student loan forgiveness as the bait is not a huge surprise. There have been a few related scams on student loans since the initial payment freeze—but with the plan officially announced, these themed-attacks should continue to increase in volume and complexity.
Remember, despite the theme of the attack, most scams include common warning signs that incorporate:
Attachments – download the attacheddebt forgiveness application PDF
Bogus Hyperlinks – click here for more information (misspellings, bad URLs, etc.)
Sense of urgency – if you do not respond you will forfeit forgiveness eligibility!!!
Too Good to Be True Offer – get your student loan debt erased now
Unusual Requests – provide your social security number to process your forgiveness
At the time of this article, the student loan forgiveness program is still working on the processes and timeline for forgiveness, but has confirmed that the student loan repayment pause will automatically continue until the end of the calendar year.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.