It would be easy to think that the only problem that artificial intelligence (AI) would create for community colleges would be students using large language models (LLMs) like ChatGPT to complete their assignments. However, the past few years have seen the rise of AI as a means of defrauding community colleges of financial aid designed to help legitimate students with their college expenses. Individual fraudsters, as well as sophisticated cybercriminal organizations, are employing AI as a means of directing automated computer programs, also known as bots, to enroll in and participate in community college courses long enough to receive financial aid disbursements. These bots, also known as “ghost students” or “Pell runners,” are frustrating both community colleges, which are now tasked with weeding out fake accounts, and legitimate students, who are often unable to register for preferred classes or qualify for financial aid because fraudulent registrants crowd them out.
The Risks and Consequences for Community Colleges
Financial Losses
As of 2023, the cost of financial aid fraud in higher education has risen to an estimated $100 million per year in losses. One sophisticated cybercriminal organization managed to defraud the Federal Student Assistance (FSA) program of almost one million dollars. In addition to funds lost directly through theft, it is important to recognize the costs of fighting the explosive growth of these attacks. The state of California spent $100 million, primarily in an effort to bring its information technology (IT) security services up to an adequate level to combat the abuses of its community college system.
Resource Strain
Professors at community colleges are spending an increasing amount of their time on students that don’t exist. Every minute spent correcting a ghost runner’s work or trying to connect with that student is time taken away from legitimate students who are looking to further their education. Professors are often tasked with playing the role of detective and trying to determine who’s real and who’s not. Robyn McDonough, a math professor at Middlesex Community College in Massachusetts, explains, “We are asked to look for names that are out of the ordinary and to keep an eye out for particular patterns of behavior like finishing the first assignment and disappearing. It’s a huge distraction.”
Data Security Breaches
Every fraudulent student that is granted access to an institution’s IT system adds not only an additional burden to its infrastructure, but also a potential attack vector that can be exploited for a variety of cybercrimes such as ransomware or malware attacks.
Reputational Damage
Schools that are ineffective in dealing with the rise of AI bot accounts could potentially be seen as vulnerable to cyberattack, causing students to be reluctant to trust them with their sensitive personally identifiable information (PII). While this would be damaging in and of itself, schools are also often judged on their matriculation-to-graduation ratio, which would be severely impacted by these ghost students with no intention of completing any programs of study.
Impact on Legitimate Students
AI bots have a negative impact on real students by flooding class registrations, which often have a limited number of seats, and preventing legitimate students from enrolling in preferred classes. Bot student accounts also drain financial aid resources and limit their availability.
Mitigating the Risks: Proactive Strategies
Enhanced Identity Verification
Identity verification measures are continuously evolving in response to the threat landscape. It is important for community colleges, and any other institutions charged with safeguarding sensitive information, to employ advanced authentication requirements such as multi-factor authentication (MFA), digital identity verification tools, and possibly even biometric verification requirements where appropriate.
Advanced Bot Detection Technologies
Advanced bot detection technologies serve as a means of swiftly identifying and mitigating malicious bot activity. These technologies can recognize suspicious activities and identify bots through behavioral patterns, device characteristics, internet protocol (IP) address analyses, and other useful metrics.
Anomaly Detection and Monitoring
Similar to advanced bot detection, anomaly detection and monitoring rely upon recognizing suspicious patterns of behavior. In the case of community college fraud, this may often look like a sudden influx of registrations for a particular class occurring all at once. This detection typically employs AI-powered analytics to spot suspicious trends.
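The registration-influx check described above can be sketched as a sliding-window count per class. This is an added example, not code from the original article; the event fields, course codes, the five-minute window and the threshold of five are assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, course, applicant id, source IP).
# Addresses come from documentation ranges (RFC 5737).
EVENTS = [
    ("2024-01-08T09:02:00", "MATH-101", "a001", "198.51.100.7"),
    ("2024-01-08T13:40:00", "MATH-101", "a002", "203.0.113.20"),
    ("2024-01-09T10:15:00", "MATH-101", "a003", "192.0.2.44"),
    ("2024-01-10T02:00:05", "ENG-110", "a101", "203.0.113.5"),
    ("2024-01-10T02:00:41", "ENG-110", "a102", "203.0.113.5"),
    ("2024-01-10T02:01:10", "ENG-110", "a103", "203.0.113.5"),
    ("2024-01-10T02:01:32", "ENG-110", "a104", "203.0.113.9"),
    ("2024-01-10T02:02:03", "ENG-110", "a105", "203.0.113.5"),
    ("2024-01-10T02:02:50", "ENG-110", "a106", "203.0.113.5"),
    ("2024-01-11T15:30:00", "ENG-110", "a107", "198.51.100.61"),
]

def find_bursts(events, window=timedelta(minutes=5), threshold=5):
    """Return one alert per course whose registrations reach `threshold`
    inside any sliding `window`. Both parameters are assumed values."""
    by_course = defaultdict(list)
    for ts, course, applicant, ip in events:
        by_course[course].append((datetime.fromisoformat(ts), applicant, ip))
    alerts = []
    for course, regs in by_course.items():
        regs.sort()
        recent = deque()   # registrations inside the current window
        peak = []          # largest window seen for this course
        for reg in regs:
            recent.append(reg)
            while reg[0] - recent[0][0] > window:
                recent.popleft()
            if len(recent) > len(peak):
                peak = list(recent)
        if len(peak) >= threshold:
            ip, hits = Counter(r[2] for r in peak).most_common(1)[0]
            alerts.append({
                "course": course,
                "count": len(peak),
                "start": peak[0][0].isoformat(),
                "applicants": [r[1] for r in peak],
                "top_ip": ip,
                "top_ip_share": round(hits / len(peak), 2),
            })
    return alerts

if __name__ == "__main__":
    print(find_bursts(EVENTS))
```

An alert is a prompt for manual review of the listed applicants, since a legitimate registration opening can also produce a burst; a high `top_ip_share` is the extra signal that separates the two.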
Data Security and Privacy Measures
Robust data security and privacy measures are among the cornerstones of any solid cybersecurity program. Ghost student identities are built upon real social security numbers that provide the backbone of their identities. Securing sensitive PII will prevent bad actors from easily obtaining the necessary information to further their crimes.
Staff Training and Awareness
While AI and other threat detection technologies are important tools for fighting AI bot fraud, it is also necessary to train staff and create awareness of threats. Even sophisticated tools need qualified individuals who can parse the data and recognize emerging trends.
The Role of Technology and Collaboration
One of the most important truths in the cybersecurity industry is that raising the level of security in the weakest institutions makes even the most well-defended organizations that much more secure. Community colleges and other institutions of higher education need to work together to share not only their successful strategies, but also their failures. With this information, the industry can recognize trends and patterns in attacks as well as best practices for proactive defense. It is also important to recognize that to maintain sufficient data security, it is necessary to continuously invest not only in effective hardware and software solutions, but also in the training and education of the people tasked with employing and monitoring them. For any training program to be truly effective, it needs to be supplemented with education on the latest trends and developments in cybersecurity, which can always be found in the full RSAC Library, where industry-leading experts analyze emerging cyber threats and highlight the most effective means of staying one step ahead.