Versions Compared

Old Version 4

changes.mady.by.user Patricia Donohue

Saved on

compared with

New Version 5

changes.mady.by.user Patricia Donohue

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Since June 2016, there’s been an increase in fraud applications across system

  • As many as 12K in the same day
  • Majority coming from outside the U.S.
  • Many coming from outside California

...

  • Primary motivation:  Financial Gain
  • Seeking .edu addresses to resell and get benefits
  • Getting free software licenses:  Office 365
  • Getting confirmations of residency
  • Using residency to get California IDs
  • Potential for serious security attacks


First Signs of Fraudulent Activity

In June 2016, CCCTC Support Services received a report from Bill Mulrooney, Director of Admissions at El Camino College about , stating that he had identified, what appeared to be, a large number of fake, or /fraudulent , CCCApply applications coming in from a Russian email provider service, Mail.ru.   The applications caught the eye of the Admissions Director, Bill Mulrooney, who had spotted the fake applications almost by accident.  According to Mr. Mulrooney, he was alerted to the situation when he received an error message about the applicant's zip code not matching the city listed for current mailing address. That led him to identify more "fishy information" and multiple (dozens) spotted the suspicious apps while searching for a specific applicant in the Report Center by street address - and noticed multiple instances of matching characteristics within the same download jobsubmit date, including the same matching street address, but different , social security numbersDate of Birth, and variations of the same email address ; many apps had included the same Date of Birth. Within a few months, more colleges reported being "spammed" by big batches of fraud applications. Several colleges reported downloading - all of which came from the "mail.ru" provider. 

He also brought the issue to the CCCApply Steering Committee and issued a formal request to Tech Center to investigate.  

By the end of 2016, the number of colleges reporting suspicious batches of fraud apps coming in through CCCApply had escalated. In a few cases, colleges reported receiving as many as 10,000 or more fake apps in a single day.  By this point, the characteristics used to identify fraud applications had expanded considerably, and we began seeing many different international service providers and other known bad actors.  Fraud applications were being submitted from inside the U.S.This activity of submitting an application for any purpose other than applying for admission to a California Community College is unauthorized use of a system to process or store data.
By the end of 2016, fraud applications had escalated become the top issues for our colleges Admissions and IT. The costs are largely hidden but are real nonetheless. They , but the majority are coming from outside the U.S.  Most are from outside of California.  

The Tech Center, with full support from the CCCApply Steering Committee, immediately responded by implementing a series of security measures, including:

  • Increased firewall protections across our local and AWS servers (Amazon Web Services)
  • Blocked TOR and other known bad actor IP addresses
  • Implemented a series of stop-gap fixes to temporarily block applications from being submitted and reaching the college
  • Contracted with a machine learning data analytics company to commence research study 
  • Set Up a Pilot Project with the four top colleges getting spammed
  • Continuous learning for improvements
  • Working with CCCTC Marketing & Communication team 


Info

Read More about the "Ways We Are Addressing Fraud in CCCApply"



Consequences of Spam

The costs associated with these fraud applications are largely hidden at this point, but they are real nonetheless. We've learned they consist mainly of the time staff spend sorting through the legitimate applications to identify the fraud data and keeping it from their student information systems. 

Warning

This activity of submitting a CCCApply application - for any purpose other than applying for admission to a California Community College - is unauthorized use of a system to process or store data.

However, spam is more than just annoying. It can be dangerous – especially if it's part of a phishing scam in order to obtain passwords, social security numbers, and other personal information, or used to convince an end-user to reveal sensitive information about themselves or internal computer systems.

...

Info

Up Next:  Ways We Are Addressing Fraud in CCCApply

Over the past 18 months, the CCCApply development team has been working with a machine learning data research and analysis team to better understand the increasing number of spam/fraudulent applications coming in through CCCApply and ultimately build a spam filter service that will identify, flag, and suspend bad applications before they get to the college's download file. The filter will include an admin user-interface, similar to an email application spam filter system, where college admins can specify and process the flagged bad applications from the legitimate ones, thus training the backend algorithm each time an application is processed.


What’s motivating spammers?

  • Primary motivation:  Financial Gain
  • Seeking .edu addresses to resell and get benefits
  • Getting free software licenses:  Office 365
  • Getting confirmations of residency
  • Using residency to get California IDs
  • Potential for serious security attacks