Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Student Finance England 'Payment Cancelled' Phishing Scam

Outline
Email purporting to be from Student Finance England claims that the recipient's student payments may be delayed or cancelled if he or she does not click a link and verify account information.



Brief Analysis
The email does not come from Student Finance England and the claim that student payments have been cancelled or delayed is untrue. The link in the message opens a scam website that attempts to trick users into divulging their Student Finance England account details to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: September 12, 2012
First published: September 12, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: Student Loan Payment Cancelled


Student Finance England Logo

This is a message for all students receiving grants and loans from the Students Loan Company.
You are required to verify your account information in order to avoid any delay in your
loan/grant payments. Do this here now by visiting [Link Removed]

Yours Sincerely
Student Finance England

Please do not reply to this email as it has been automatically produced from an address which cannot accept incoming mail.

**************************************************************************** ***
The information contained in this e-mail is private and privileged. If you have received this e-mail in error be advised that any use is strictly prohibited. Please notify us and delete the message from your computer. You may not copy or forward it or use or disclose its contents to any other person.

As internet communications are capable of data corruption it may be inappropriate to rely on advice or opinions contained in an e-mail without obtaining written confirmation of it. This footnote also confirms that this email message has been swept for the presence of computer viruses, however we do not accept any liability or responsibility for resultant virus infection. Opinions and views expressed in this e-mail are those of the sender and may not reflect the opinions and views of The Student Loans Company Limited.
******************************************************************************* *

 




Detailed Analysis
According to this email, which purports to be from UK government service Student Finance England, the recipient's student grants or loan payments may be delayed if he or she does not click a link to verify account information. The message includes the subject title "Student Loan Payment Cancelled", a warning apt to send a sudden chill through the heart of many a struggling university student. The message arrives complete with a Student Finance England logo and privacy disclaimer.

However, the message is certainly not from Student Finance England and has no connection whatsoever with that entity. And the claim that student loan payments will be cancelled or delayed if account details are not updated is invalid. In reality, the message is a phishing scam that attempts to panic students into clicking a link without due forethought in the mistaken belief that they may lose their student finance if they do not participate as instructed.

Those who fall for the ruse and click the link will be taken to a fraudulent website that asks them to enter their Student Finance England login credentials. As the following screenshot reveals, the bogus login page has been created so that it closely resembles the genuine Student Finance England webpage:

Student Finance England Scam Login
If users enter their login details and click the "Submit" button, they will then be taken to a second fake webpage that asks them to provide further account and banking information:

Student Finance England Phishing Scam Form
After clicking the "Update" button, victims will be presented with a final message informing them that the update has been completed and that they have been automatically logged out of their account.

Meanwhile, however, all information submitted on the fake forms can be collected by the criminals operating this phishing campaign and subsequently used to hijack the real Student Finance England accounts of their victims. Once they have gained access to these compromised accounts, the criminals can then steal personal or financial information stored there and possibly change account information to divert payments for their own purposes.

Student Finance England clients have been targeted in similar phishing scams in the past. Student Finance England will never send unsolicited emails requesting users to update their information by clicking a link or opening an attachment.

Phishing continues to be a very common and successful form of online fraud that finds new victims all over the world every day. Be wary of any unsolicited email that claims that you must verify or update account information by clicking a link or opening an attached file. It is always safest to access your online accounts by entering the account web address in your browser's address bar rather than by clicking an email link.

Bookmark and Share



References

Student Finance England
DirectGov - Online Security
Phishing Scams - Anti-Phishing Informationv


Last updated: September 12, 2012
First published: September 12, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer