$1 billion in FAFSA fraud.
It starts with one email.
The Department of Education prevented $1B in FAFSA fraud in 2025. $90M+ was still disbursed. $30M+ of that went to deceased individuals. Every attack begins with a phishing email that looks exactly like this one.
"Your FAFSA has been flagged for verification" — one of the most effective phishing templates targeting college students. Here is how suss. stops it at three separate layers.
The attack.
Mass phishing targeting students
Fake "your FAFSA has been flagged for verification" emails went to students at hundreds of universities. Links led to convincing fake studentaid.gov portals requesting SSN, date of birth, and FSA ID credentials.
$90M+ fraudulently disbursed
DOE flagged 150K suspicious FAFSA submissions and prevented $1B. But $90M still got through the cracks, including $30M paid out in the names of deceased individuals.
Stolen identities used for years
Once attackers have a student's SSN and FSA ID, they can file fraudulent FAFSA applications for multiple years. The student may not discover the fraud until they file their own legitimate application.
What suss. would have seen.
We ran a reconstructed version of this attack through the production API. Here's what fired.
- 01 Never enter your SSN via an email link.
- 02 Navigate to studentaid.gov directly by typing it in your browser.
- 03 Contact your university financial aid office to verify any FAFSA requests.
- 04 Report this phishing email to your university IT security team.
- 05 Check if your FSA ID has been compromised at studentaid.gov.
The cost.
Why FAFSA phishing works on students.
First-time filers
Freshmen do not know what legitimate FAFSA communication looks like. A verification email feels perfectly normal when you have never received one before.
SSN is the skeleton key
One stolen SSN enables years of fraudulent FAFSA applications, tax fraud, and identity theft. The damage compounds over a lifetime.
Financial pressure creates urgency
Students terrified of losing aid are more likely to act quickly without questioning legitimacy. The script weaponizes their fear.
Scattered institutional response
Each university handles FAFSA phishing differently. Some warn proactively. Many find out about the campaigns only after students are already victims.
Two timelines.
Two outcomes.
- 01 "FAFSA flagged for verification" email arrives.
- 02 Stressed student clicks the link immediately.
- 03 Fake studentaid.gov page looks convincing.
- 04 Student enters SSN, DOB, and FSA ID.
- 05 Attacker files fraudulent FAFSA applications.
- 06 Student discovers the fraud months later when the real FAFSA is rejected.
- 01 Email scanner flags FAFSA phishing in Gmail.
- 02 Warning badge appears: FAFSA Phishing Detected.
- 03 If clicked, page analyzer detects the fake government domain.
- 04 Form guard blocks SSN submission on an unregistered site.
- 05 Student contacts financial aid office to verify.
- 06 Identity protected. Financial aid intact.
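The domain check and form guard in steps 03 and 04 of the second timeline can be sketched as follows. This is an added example, not suss.'s own code: the function names, the allowlist, and the `.example` hostnames are assumptions made for illustration.

```javascript
// Added example: hostnames other than studentaid.gov are constructed (.example TLD).
const OFFICIAL_HOSTS = ["studentaid.gov"]; // assumption: allowlist supplied by the deployer

// True only for the official host itself or a real subdomain of it, over HTTPS.
function isOfficialHost(pageUrl) {
  let url;
  try {
    url = new URL(pageUrl); // also strips any "user@" part placed before the real host
  } catch {
    return false; // unparseable URL: treat as untrusted
  }
  if (url.protocol !== "https:") return false;
  const host = url.hostname.toLowerCase().replace(/\.$/, ""); // drop trailing dot
  // Compare from the right-hand end so "studentaid.gov.verify.example" does not pass.
  return OFFICIAL_HOSTS.some((h) => host === h || host.endsWith("." + h));
}

// Matches 9-digit values in SSN shape, excluding ranges the SSA never issues
// (area 000, 666, 900-999; group 00; serial 0000).
function looksLikeSsn(value) {
  const m = /^(\d{3})[- ]?(\d{2})[- ]?(\d{4})$/.exec(String(value).trim());
  if (!m) return false;
  const [, area, group, serial] = m;
  if (area === "000" || area === "666" || area[0] === "9") return false;
  return group !== "00" && serial !== "0000";
}

// Decide whether a form submission should be held back.
// fields: plain object of form field name -> value.
function guardSubmission(pageUrl, fields) {
  const ssnFields = Object.keys(fields).filter((k) => looksLikeSsn(fields[k]));
  if (ssnFields.length === 0) return { block: false, reason: "no SSN-shaped input" };
  if (isOfficialHost(pageUrl)) return { block: false, reason: "official host" };
  return { block: true, reason: "SSN-shaped input on unlisted host", fields: ssnFields };
}
```

The guard matches on the value rather than the field name, so a form that labels its SSN input something else is still caught.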
Don't be the next case study.
Book a 15-minute pilot conversation. We'll show you the threats targeting your institution right now and walk through deployment.
Free 30-day pilot for qualified institutions. No IT integration required.