Date Published: 
Wednesday, July 15, 2015

College campuses are fruitful targets of opportunity with efforts to exploit students, faculty and staff on the rise. According to FRAUD magazine, the bimonthly publication of the Association of Certified Fraud Examiners, two schemes – “work from home” and “business email compromise” are popular with scam artists.

Robert Holtfreter, in the FRAUD article “Identity thieves target university employees and students,” noted that in the “work from home” scam, fraudsters send emails to college students to recruit them for supposed payroll and/or human resource positions with fictitious companies. The “position” simply requires the student to provide his/her bank account number to receive a deposit and then transfer a portion of the funds to another bank account.

According to the FBI alert on the scheme, “Unbeknownst to the student, the other account is involved in the scam that the student has now helped perpetrate. The funds the student receives and is directed elsewhere have been stolen by cyber criminals. Participating in the scam is a crime and could lead to the student’s bank account being closed due to fraudulent activity or federal charges.”

In the “business email compromise” scheme, fraudsters compromise email accounts from within a university then send targeted emails (“spearfishing”) to selected employees expressing dire situations requiring immediate attention.  In this scam, the victim is asked to provide a username and password, which the fraudster uses to hack into the institution's network and redirect the employee's payroll allocation to another bank account.

Holtfreter, in the FRAUD story, passes along this advice from the FBI:

  • If it sounds too good to be true, it probably is
  • Look for incorrect grammar, capitalization and tenses. Many of the scammers aren't native English speakers
  • Don't provide any credentials such as bank account numbers, login names, passwords or any other personally identifiable information in response to email requests
  • Forward suspicious emails to your university's IT personnel

UNC Charlotte’s Internal Audit Department is a campus resource regarding fraud awareness.

For University students, staff, and faculty:

  • Security awareness training is available to all employees; there are several modules with more information about identity theft. This training is in Moodle under My Courses, Training, Security Awareness Training - 2015.