Growing identity fraud challenges put higher education at risk

By Chris Borkenhagen, CISO & Chief Digital Officer at AuthenticID

As higher education institutions continue to expand their digital services, the risk of identity fraud targeting students and financial aid programs continues to escalate. The U.S. Department of Education’s recent announcement requiring live identity verification for FAFSA applicants starting this year highlights a growing, urgent effort to combat this evolving threat. Cybersecurity leaders working within or alongside higher education organizations must understand emerging tactics and effectively strengthen verification protocols to protect students, institutions, and taxpayers.

One of the most concerning fraud trends impacting colleges and universities is the rise of “ghost students.” These are fake identities created using stolen or synthetic data to enroll in schools, often with the sole intent of accessing financial aid funds. Ghost student fraud not only drains critical resources intended for legitimate students but also creates significant operational and security challenges for institutions.

The move to online learning and remote onboarding accelerated this problem. Traditional in-person verification methods shifted to remote processes, which inevitably lowered barriers for fraudsters. Recent data shows that California colleges reported over 1.2 million fraudulent applications in 2024, including 223,000 suspected fake enrollments at community colleges. This widespread fraud results in millions in lost aid that ultimately impacts taxpayers.

The scale of this fraud is particularly alarming because community colleges typically have more open admission policies, making them especially vulnerable. Some don’t require Social Security numbers or application fees, which inadvertently opens doors for fraudulent actors. These factors combine to create an environment ripe for abuse.

Beyond the direct financial impact, ghost students introduce new vulnerabilities across campus networks. Once enrolled, these fraudulent accounts may gain access to institutional systems such as email and virtual private networks (VPNs), providing potential entry points for cyberattacks. Higher education institutions are already frequent targets of ransomware and data breaches; the rise of fake student accounts only increases the attack surface. For cybersecurity teams, this highlights the importance of layered defenses that extend beyond perimeter security to include identity lifecycle management and continuous monitoring.

The Department of Education’s enhanced FAFSA verification requirements mandate that institutions perform live verification of applicants’ identities using government-issued photo IDs, either in person or through live video conferencing. While these measures are a critical step forward, they also signal a broader imperative for higher education to modernize identity proofing across all student-facing services.

Effective strategies include implementing multi-factor authentication, biometric liveness detection, and continuous, real-time fraud monitoring solutions. These technologies help verify that applicants and students are who they claim to be, while detecting synthetic identities and countering evolving threats such as deepfakes. Equally important are risk-based assessments that adapt verification intensity based on context and risk profile, allowing institutions to allocate resources effectively while minimizing friction for legitimate students.

However, technology alone won’t solve the problem. Cybersecurity leaders should also promote policies that require physical verification when feasible and collaborate closely with admissions, registrar, and financial aid teams to raise awareness of fraud patterns. Interdepartmental coordination enables institutions to balance access and security without compromising the student experience.

Furthermore, institutions should invest in staff training focused on identity fraud risks and detection. Educating frontline employees who interact with students can help identify suspicious behavior early, preventing fraud before it escalates.

The growing attack surface within higher education calls for a proactive and comprehensive approach. As more student services—from course registration to financial aid disbursement—move online, institutions must prioritize identity security to prevent fraud and safeguard sensitive data. The Department of Education’s updated FAFSA requirements are just one part of a necessary shift toward stronger, more adaptive identity verification frameworks that protect all stakeholders in the educational ecosystem.

For cybersecurity leaders supporting higher education, adopting technologies and policies that not only comply with regulatory requirements such as the GLBA Safeguards Rule, but also anticipate and mitigate emerging identity threats, will play a critical role in reducing fraud risk, ensuring aid integrity, and preserving institutional credibility.

In addition to protecting institutional resources, these efforts contribute to maintaining trust with students and the public. Ensuring that aid reaches legitimate students and that campus networks remain secure supports the broader mission of education. As identity fraud tactics continue to evolve, so must the defenses that protect the authenticity, security, and accessibility of higher education.

About the author

Chris Borkenhagen is Chief Digital Officer and Chief Information Security Officer at AuthenticID, a disruptive and transformational identity proofing and fraud prevention technology company.

Article Topics

AuthenticID  |  biometrics  |  cybersecurity  |  financial crime  |  generative AI  |  identity security  |  identity verification  |  remote identity proofing  |  schools  |  synthetic identity fraud