Detecting Fraud in Higher Education: Watch for Red Flags
As technology quickly evolves, fraudsters are staying one step ahead with complex and sophisticated fraud schemes. Unfortunately, colleges and universities are not immune to these risks. But there are steps you and your university or college can take to protect sensitive information from cyber security threats.
Higher education targeted by fraudsters
According to the Technology Crimes Division (TCD), fraudsters — including both foreign and domestic hackers, terrorists, and foreign intel — prey on colleges and universities, taking advantage of weak internal control environments to gain unauthorized access. Once they’ve compromised your system, fraudsters seek sensitive student information and financial data from the disbursements of Title IV funds in efforts to conduct schemes such as FAFSA fraud, falsification of GEDs and high school diplomas, and identity theft.
In 2016 alone, there were 783 breaches of more than 29 million student records.
The TCD of the Office of Inspector General (OIG) works closely with the Department of Education to identify cyber threats and conduct investigations into unauthorized access to the administration, processing, and disbursements of Title IV funds. If you suspect that fraud is occurring or if your system has been breached, you are obligated to report to the OIG.
Start by strengthening your internal controls
One of the best ways to protect your organization from these cyber security threats is to identify and strengthen any weak internal controls. You’ll want to make sure that your staff receive appropriate and sufficient student financial aid and Title IV disbursement training, review internal documents carefully, and question and verify authenticity of student information by taking these steps.
Monitor admission submissions
Many fraud schemes occur before a student even arrives on campus. It is important to look out for the following during the admission process:
- Students who are using aliases or disposable email addresses
- Forged high school diplomas
- Students who reside in unusual areas compared to the rest of the student population
Check for duplicates
Checking for duplicates in your system is an easy way to identify fraud. If multiple students share the same IP or email address, it is often an indicator of a long-distance fraud scheme.
Review disbursements before sending
The last thing your university or college wants to do is write out a check to a fraudster. Before sending disbursements, check for these red flags that may indicate fraud:
- Multiple funds being sent to the same bank account
- An unusually high number of refund checks being mailed to the same address or geographic area
- A student’s debit card address not matching the address listed on the student’s application
How we can help
Whether your institution has already experienced a security breach, or you are looking to make sure your institution is prepared to catch fraud, CLA professionals have experience working in higher education and can help you identify weaknesses in your internal controls that put you at risk.