Seeing ghosts on campus
Most horror stories begin innocently enough. Maybe a small group of students are hanging out over the summer (possibly in a cabin…possibly in the woods) and enjoying their time away from school and responsibility. However, everything starts to take a turn for the worse when some mysterious and unforeseen force materializes to wreak havoc on their lives and their future plans.
While the various terrors in those types of stories are thankfully just works of fiction, the threat of fraud possessed “ghost students” is turning out to be a very real one for college students, and even more so for the colleges and universities who have to police enrollment fraud each semester.
Read more about how identity and fraud are evolving
What is a ghost student?
Just like a specter in a horror story, ghost students are a threat that’s hard to see and often even harder to catch. But unlike fictional apparitions, ghost students are much easier to define. Ghost students are primarily bots created by fraudsters to take advantage of the application systems at educational institutions in the hope of stealing government aid.
Since the pandemic forced the vast majority of higher educational institutions to offer online classes, this type of enrollment fraud is on the rise. In particular, community colleges have quickly become a primary target for fraudsters who know that both public and private school systems tend to be much slower in adopting cyber security defenses. Couple that with the U.S. Department of Education's decision to stop verifying household income, in the wake of the national health crisis, and it means that in the last 2 years colleges have been inundated with applications for ‘students’ that will never attend a single class.
Recent estimates out of California’s State Chancellor’s office assert that about 20% of California community college applications (more than 460,000) are fictitious[2], and a criminal justice instructor at L.A. Pierce College stated that after instructors cleared out ghost students, spring enrollment at her school dropped from 7,658 to 4,937 (more than 35%).[3]. If these fake students, whose bot-powered applications are created using stolen or synthetic identities, manage to get enrolled; they can then apply for Pell grants and other federal college subsidies, stealing money that was intended for real students in need of financial aid.
In fact, earlier this year the U.S. Justice Department indicted a trio of women in LA on charges related to enrollment fraud after allegedly stealing the identities of California prison inmates, and other victims, to falsely enroll in an Orange County-based community college and steal federal student loans totaling nearly $1 million dollars.[4]
Even with the staggering numbers above, we’re still likely only seeing the tip of the iceberg for enrollment fraud since many institutions are just now becoming aware of the problem, and most lack the necessary identity verification processes and tooling to combat it. Worse still, with the ever-increasing number of data breaches (and subsequent proliferation of dark web marketplaces selling that data)[5], fraudsters now have unprecedented access to personally identifiable information (PII) making this type of scam easier and easier to execute.
So, what can colleges do to prevent this alarming trend?
Thankfully identity verification tools, which are already widely used by large financial institutions, online marketplaces, and government entities are well equipped to bust these ghosts. Mitek’s Verified Identity Platform (MiVIP) in particular is designed to quickly and securely confirm an individual’s identity using multiple sources of corroborating information. Government issued ID’s can be checked against live selfies (in real-time), email addresses can be verified against databases to ensure they’re active and in good standing, PII can even be checked against 3rd party dark web data to indicate if the details provided in the application are from a known compromised identity. These and numerous other ‘signals’ can all be pulled together to make it nearly impossible for fraudsters to sneak past the enrollment officer’s front door. And the best part is that MiVIP’s low code implementation makes it extremely easy to incorporate into an existing university enrollment workflow, without the university needing deep technical expertise or incurring high development cost.
For added security, institutions can even implement biometric enrollment and authentication in order for their students to access school resources. Having to enroll a genuine face or voice biometric is something that fraudsters (and ghosts?) are notoriously loath to do.
So, if you’re a higher educational institution, and you’d like to learn more about bolstering your identity verification practices in order to keep your enrollment process ghost-free, we’d love to talk to you.
Sources:
[1] High schools in Oklahoma (https://stateimpact.npr.org/oklahoma/2021/02/08/what-exactly-are-ghost-students-theres-more-than-one-definition-in-oklahoma/) & Maryland (https://komonews.com/news/crisis-in-the-classroom/ghost-students-districts-receiving-funding-for-pupils-who-arent-in-class) in the news for falsifying student numbers.
[2] https://www.sfchronicle.com/california/article/college-aid-scam-18119117.php
[3] https://www.entrepreneur.com/business-news/ghost-students-are-stealing-thousands-in-federal-aid/453631