Scammers are probably going to try and use the Federal Student Aid debt relief program to trick students into giving away their identity data, payment information, or even money. This is the warning given out by the Federal Bureau of Investigation (FBI) earlier this week, as the relief program kicked off.
Federal Student Aid is a program designed to help students, by wiping some of their student debt off. It was announced this summer and kicked off with applications this Monday. Students with income below $125,000 (or $250,000 if jointly applying) can apply and have anywhere between $10,000 and $20,000 wiped off from their credit.
According to BleepingComputer, there are some 45 million student loan borrowers in the United States, owing some $1.6 trillion, which means cybercriminals have a huge field to play on.
Fake websites and phishing
What the FBI is warning of, are fake websites posing as application forms, tricking students into giving away sensitive data. These websites might be accompanied by phishing emails or SMS messages. The only way to apply for the program is via studentaid.gov.
“Cybercriminals and fraudsters may purport to offer entrance into the Federal Student Loan Forgiveness program, contacting potential victims via phone, email, mail, text, websites, or other online chat services,” the FBI said in its warning. “Cybercriminals and fraudsters use their schemes to receive payment for services they will not provide or collect victim information they can then use to facilitate a variety of other crimes,” the agency added.
The FBI also warned students that applying for the program is free, so in case anyone reaches out and demands payment to enroll in the program, or to have the application processed, they can know they’re a fraud. Also, to submit an application, students don’t need to create, or log into, any accounts, anywhere. In the first stage of the application, the applicants will not be asked to provide any documents, whatsoever.
That will come later, and those who make it past the first stage, will be approached from these addresses:
Via: BleepingComputer (opens in new tab)