BLOGS: Phishers target students with fake student loans pages
Chris Boyd at Sunbelt shows that phishers are taking advantage of the balls-up more commonly described as the Student Loans Company. Many of us, and that’s an awful lot of us, have had the misfortune to be forced into a relationship with that company. Since they don’t like talking to people, you get forced to use their website. And you are forced to hand over a lot of personal and financial information. So it is little wonder that phishers are taking advantage.
What surprises me is that these phishing sites are really very good. This awful organization, the Student Loans Balls-up Company, is causing both hardship and grief by its incompetence – so anybody dealing with them would accept any number of typos and grammatical errors on their site as simply par for the course. The bottom line is that most people visiting their site today have been in touch with this waste of space for just about a year. Frustration levels are running so high, they have asked for the same information so many times, they have ‘lost’ (yeah, right) so many documents, that there is a strong temptation to simply hand over your details and get away fast.
Don’t. These sites are very compelling and very persuasive. For example,
When the victim presses the Save button at the bottom of the page, their details are sent to the phisher and they’re taken to the real Directgov student finances logout page…
This is designed to make the victim think that they’ve been on the real website (because the domain they’re now on is slc.co.uk), and that they’ve logged themselves out (to prevent them becoming suspicious that they might not have actually been logged in at all).
Christopher Boyd
