Those carrying student loan debt weren’t the only ones anticipating President Biden’s Student Debt Relief plan—within minutes of the student loan announcement, my phone rang with a scammer conveniently offering me quick access to the “loan forgiveness program.”
I didn’t stay on the line long enough to hear what they wanted and knew that it was a scam thanks to the warning from my phone filter. So why did I answer?
Curiosity. I wanted to see if scammers would really be that quick to the draw with a student loan forgiveness campaign.
Since then, multiple reports have come out about fraudulent calls and emails using the Student Debt Relief plan as their latest coat of paint. In fact, many of the scams are hybrid vishing campaigns discussed in my previous article Callback Phishing Attacks Increase 625% in Q2 2022.
As the screenshot below shows, these campaigns start with an email or voicemail offering a callback number to discuss an issue—in this case, student loan forgiveness prequalification. If called, the caller is connected with a threat actor who will use social engineering tactics to obtain sensitive information or remote access to their network.
Photo: Antoinette Palmieri
Other fraudulent communications include offers for early program opt-in, program eligibility verification and the student loan payment freeze deadline.
With the sharp increase in student loan forgiveness scams, the Federal Trade Commission (FTC) has released a Consumer Alert outlining the popular scams and best practices. The alert is available here and the FTC recommends reporting any fraudulent communications to ReportFraud.ftc.gov.
The fact that scammers are using student loan forgiveness as the bait is not a huge surprise. There have been a few related scams on student loans since the initial payment freeze—but with the plan officially announced, these themed-attacks should continue to increase in volume and complexity.
Remember, despite the theme of the attack, most scams include common warning signs that incorporate:
- Attachments – download the attached debt forgiveness application PDF
- Bogus Hyperlinks – click here for more information (misspellings, bad URLs, etc.)
- Sense of urgency – if you do not respond you will forfeit forgiveness eligibility!!!
- Suspect Sender – from: studentloandebtforgivenessnow2343 @ gmail.com
- Too Good to Be True Offer – get your student loan debt erased now
- Unusual Requests – provide your social security number to process your forgiveness
At the time of this article, the student loan forgiveness program is still working on the processes and timeline for forgiveness, but has confirmed that the student loan repayment pause will automatically continue until the end of the calendar year.
For more information on the program, you can visit the Federal Student Aid’s Debt Relief Announcement website at www.studentaid.gov/debt-relief-announcement for the latest updates and frequently asked questions.
Related Articles
- Callback Phishing Attacks Increase 625% in Q2 2022
- President Biden Announces Student Debt Relief Plan
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
To learn more, visit our dedicated Cybersecurity page or contact the team at [email protected].
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at www.schneiderdowns.com/subscribe.