Students Targeted in University Phishing Fraud

19

Newcastle University has warned prospective students to be careful when seeking to apply and pay online for courses, after discovering the existence of a sophisticated phishing operation.

The website, newcastleinternationaluniversity.com, uses similar branding colours and fonts to the original site, but includes flashy animation and a more sophisticated layout, almost as if the scammers are hoping to convince people, particularly prospective foreign students, that it is the real website.

“We have been made aware of an unofficial website which is fraudulently using the Newcastle University brand and accepting credit card payments to apply for courses,” the university announced on its Twitter account.

“The website ‘newcastle international university’ is in no way associated with the University and we are advising anyone who finds the website not to submit any personal details. All students should use our official website http://www.ncl.ac.uk/.”

It is not known how many people have been tricked by the website, but the level of detail is impressive. The site is being used to harvest everything from credit card information to passport details and date of birth, which would be useful to the scammers if they decide to steal victims’ identities, as well as scamming them out of thousands of pounds in tuition fees.

Azeem Aleem, RSA Security’s director of Advanced Cyber Defence Practice for EMEA  said  “Newcastle University’s response has been admirable, quickly identifying and warning prospects about the site. Yet it is often very hard for a company or organisation to know if their site has been spoofed until someone has already become a victim. This is why the public need to have greater awareness of the issue of spoofing and take care to protect themselves online,”

[The scammers] have been careful about targeting, focusing on overseas students who may not have the local knowledge to spot the difference between this site and Newcastle University’s official site.”