Email security, Security Strategy, Plan, Budget, Vulnerability Management

Vast majority of email employment fraud schemes target US universities

Most employment fraud schemes target higher education, Proofpoint researchers reported Tuesday. Pictured: A college graduation ceremony is seen in Ramapo, N.J., in this cropped image. (“College Graduation” by ajagendorf25 is marked with CC BY-NC 2.0.)

Researchers on Tuesday reported that some 95% of the employment fraud schemes they have been tracking are targeted to higher education organizations. The researchers have identified nearly 4,000 of these email threats each day, mostly targeted in the United States.

In a blog post, Proofpoint researchers said the threat actors lure students with the promise of easy money working from home to collect personal data, steal money, or convince victims to unknowingly participate in illegal activities, such as money laundering.

The Proofpoint researchers say threat actors target universities for a variety of reasons: students are likely more open to flexible, remote work opportunities; international students may not recognize telltale signs of fraudulent emails as well as native English speakers; and rising inflation and the high cost of education has put the pinch on student finances, making the promise of fast cash attractive.  

As society exits the worst of the COVID-19 pandemic, many individuals are left picking up the pieces within a tumultuous economy that has left many with unsatisfactory working conditions — or worse still — no current employment, said Chris Morgan, senior cyber threat intelligence analyst at Digital Shadows.

"Threat actors are always keen to take advantage of such difficult times by exploiting financial concerns and luring victims under the promise of new employment," Morgan said. “These typically follow many of the tricks used in other fraud, by soliciting personal and financial information that the threat actor can utilize for various malicious endeavors.”

Jason Hicks, field CISO and executive advisor at Coalfire, added that targeting students makes sense from an attacker’s perspective. Hicks said students are typically young and inexperienced in regards to being scammed.

“Students are financially insecure, and most are working less than desirable jobs for low pay, as they lack the experience or skills to obtain higher-end employment,” Hicks said. “This leads me to believe many would jump at the chance to work remotely on a part-time basis."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.