Scammers are stealing millions from university students by exploiting their anxiety about careers and money, a security firm has warned after observing a surge in fake job offers, promises of easy money for working from home, and even recruitment of criminal mules.
Nearly 95 per cent of employment fraud attacks are targeted at educational institutions, cyber firm Proofpoint warned in a recent analysis highlighting the many ways malicious scammers are figuring out how to capitalise upon the disruption of remote learning and working.
Such scams typically see the instigator posing as a recruiter or employer, promising students healthy salaries for jobs such as caregivers, mystery shoppers, administrative assistants, models, or rebate processors.
Unlike advance fee fraud (AFF) – which focuses on short-term gain by demanding upfront processing or other fees – employment fraud is typically a long game, with employers collecting passport details and other personal details from students.
Others may request financial details and promise payment if students are willing to receive a payment and transfer it to another account – potentially making them accomplices to money laundering.
Proofpoint identifies nearly 4,000 such email threats per day, with European and Australian entities regularly targeted alongside the flood of attacks on American students.
Years of working and studying from home have primed university students to be victimised in this way, because carefully-crafted offers may seem both legitimate and easy to access like any other online aspect of university studies.
“Students are likely more open to flexible, remote work opportunities [and] international students may not recognise tell-tale signs of fraudulent emails as well as native speakers,” the analysis notes.
Particularly this year, it adds, “rising inflation and cost of education [are] putting the pinch on students’ finances, making the promise of quick cash more attractive.”
Millennials get taken for more, more often
A reported 3,453 job and employment scams cost Australian victims nearly $2.7m last year alone, according to the ACCC’s ScamWatch service, with an additional $378,000 lost in the first two months of this year alone.
Millennials have long been identified as being particularly at-risk when it comes to susceptibility to fraud: last year, for example, 18 to 24-year-olds lost $690,963 to 377 reported job and employment scams – an average of $1,833 per episode.
That made them bigger financial victims than any other cohort apart from the 65-plus demographic, which lost less money overall but reported fewer scams.
NSW residents were the most frequent victims, losing over $1m last year despite reporting a similar number of incidents as WA residents – who lost just over $72,000.
Large concentrations of students and staff make universities high-density targets for scammers and phishing attacks, which not only facilitate scams but have led to major issues for the likes of RMIT University and ANU.
Some universities work proactively to warn students about employment scams, with one institution pointing out signs including generic introductions (“Dear student”), offers arriving unsolicited, spelling and grammar errors, and “unbelievably good pay for very easy work – something that just isn’t that common in the real job market.”
Institutions like University of Adelaide, University of Newcastle, and Flinders University have implemented email filters capable of blocking many phishing emails, although one recent analysis found just 10 per cent of Australian universities are using the technology.
And while email security companies are using AI to analyse messages for the signs of business email compromise (BEC), such techniques may not be as effective in picking up on well-crafted scams and opportunistic campaigns such as a surge in Ukraine-related scams since the Russian invasion.
The problem is only likely to get worse, given that losses to scams nearly doubled from 2020, when Australians lost $175.7m to scams, to 2021, when losses increased to $323.7m.
“With scammers and cybercriminals continuously reinventing their tactics and finding new ways to exploit Australians for financial gain,” said Proofpoint senior director Adrian Covich, “there is every chance we will see these statistics continue to rise this year.”