September 6th 2017
University students in their first year and those returning are being warned about a phishing scam that claims to be from the student loan provider.
According to Action Fraud, the fraudulent email has come to light over the last two weeks in the lead up to the new academic year. It claims that Student Loans Company accounts have been suspended due to incomplete student information, and urges recipients to click through to a website, which is in reality fake and aims to capture their confidential details.
The Student Loans Company has confirmed that the email – which has also been received by people who have never applied for student finance – is not genuine.
Protect yourself from phishing emails
– Do not assume anyone who has sent you an email is who they say they are.
– If an email asks you to make a payment, log in to an online account or offers you a deal, be cautious. Genuine organisations such as banks and HMRC never email you for passwords or any other sensitive information by clicking on a link and visiting a website. If you get a call from someone who claims to be from your bank, don't give away any personal details.
– Make sure your spam filter is on your emails. If you receive a suspicious email, mark it as spam and delete it to keep out similar emails in future.
– If in doubt, check whether the email is genuine by asking the company itself. Never follow links provided in suspicious emails; find the official website or customer support number using a separate browser and search engine.
Spot the signs of scam student messages
– Fraudulent emails that pose as an official company or organisation often include poor spelling, grammar, graphic design or image quality. They may use odd ‘spe11lings’ or ‘cApiTals’ in the email subject to fool your spam filter.
– It may not include your name in the greeting, but something like ‘Dear Student’, ‘To our valued customer’ or ‘Dear…’ followed by your email address.
– When a fraudulent email asks you to follow a link or respond, the website or email address usually doesn’t look right. Authentic website addresses are usually short and do not use irrelevant words or phrases. Businesses and organisations do not use web-based addresses such as Gmail or Yahoo!.
What the experts say
Detective Chief Inspector Andy Fyfe of the City of London Police said: “This phishing email displays a number of tell-tale signs of a scam including spelling and grammar errors. As the new university year begins, we are urging people to be especially cautious of emails that request personal details. Always contact your bank if you believe you have fallen victim to a scam.”
Paul Mason from the Student Loans Company said: "We will never request a student’s personal or banking details by email or text message. Anyone who receives a scam email about student finance should send it to us at [email protected] in addition to reporting it to Action Fraud, as this allows us to close the site down and stop students from being caught out.
"We want to remind students to stay vigilant with the details they provide online and to be mindful of the personal information about themselves they post online and on social media too."
Tony Neate, CEO, Get Safe Online, said: “We often see a rise in the number of students falling for phishing scams around this time of year as they prepare to start or return to University. They’re taking on new responsibilities like dealing with unfamiliar things like rent, utility bills and of course student loans, which fraudsters are acutely aware of and always ready to take advantage of. They know students are less likely to interrogate the source contacting them and may willingly share personal details online or on the phone.”