Case Study

$1 billion in FAFSA fraud.
It starts with one email.

DOE prevented $1B in FAFSA fraud in 2025, but $90M+ was still fraudulently disbursed. suss. uses three layers of defense to catch the phishing emails that steal student identities.

“Your FAFSA has been flagged for verification” — one of the most effective phishing templates targeting college students. Here's how suss. stops it.

What happened

Mass phishing campaign targeting students
Fake “Your FAFSA has been flagged for verification” emails were sent to students at hundreds of universities. Links led to convincing fake studentaid.gov portals requesting SSN, date of birth, and FSA ID credentials.
$90M+ fraudulently disbursed
While the Department of Education flagged 150K suspicious FAFSA submissions and prevented $1B in fraud, over $90M was still fraudulently disbursed — including $30M+ to deceased individuals.
Stolen identities used for years
Once attackers have a student's SSN and FSA ID, they can file fraudulent FAFSA applications for multiple years — and the student may not discover the fraud until they file their own legitimate application.

Source: U.S. Department of Education

How suss. would have caught it

We ran a reconstructed FAFSA phishing email through our API. The email scores MEDIUM — but our three-layer defense catches it at every stage.

Score: 56% (Medium Risk)
FAFSA Phishing Attempt Detected

Three layers block this attack

1. Email Scanner warns

Detects FAFSA phishing language, SSN requests, and urgency patterns. Warning badge appears on the email before the student clicks anything.

2. Page Analyzer detects fake domain

If the student clicks, the page analyzer identifies the fake studentaid.gov domain from signals such as a missing trust score, a suspicious TLD, or a government impersonation pattern.

3. Form Guard blocks SSN submission

Even if the page looks real, form guard blocks SSN and credential submission on unregistered domains. This is the last line of defense — and it works.
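A sketch of the checks behind layers 2 and 3, added here as an illustration and not suss.'s own code. The registry contents, function names, sample hosts and the "unregistered_domain" label are assumptions; "government_impersonation_domain" is the signal name shown on this page.

```javascript
// Added illustration, not suss. code. Names, registry and hosts are assumptions.
const GOV_BRANDS = ["studentaid", "irs", "ssa"]; // agencies named on the page
// Hypothetical registry that campus IT maintains of legitimate form hosts.
const REGISTERED_HOSTS = ["studentaid.gov", "finaid.university.example"];

const normalize = (host) => host.toLowerCase().replace(/\.$/, "");

// True when host is a registered host or a subdomain of one. Matching on a
// label boundary keeps "studentaid.gov.login.example" from passing.
function isRegistered(host, registered = REGISTERED_HOSTS) {
  const h = normalize(host);
  return registered.some((r) => h === r || h.endsWith("." + r));
}

// Flags hosts that use a government brand as a label or hyphen token while
// not being under .gov.
function impersonatesGov(host) {
  const h = normalize(host);
  if (h.endsWith(".gov")) return false;
  return h.split(/[.-]/).some((t) => GOV_BRANDS.includes(t));
}

const SSN_VALUE = /^\d{3}-?\d{2}-?\d{4}$/;
const SENSITIVE_NAME = /ssn|social.?security|fsa.?id|dob|birth/i;

// A field is sensitive by type, by name hint, or by what was typed into it.
function isSensitive(field) {
  return field.type === "password" ||
    SENSITIVE_NAME.test(field.name || "") ||
    SSN_VALUE.test((field.value || "").trim());
}

// Decision for one submit event; fields is [{ name, type, value }].
function guardSubmission(pageUrl, fields) {
  const host = new URL(pageUrl).hostname;
  const sensitive = fields.filter(isSensitive).map((f) => f.name);
  const reasons = [];
  if (sensitive.length > 0) {
    if (!isRegistered(host)) reasons.push("unregistered_domain");
    if (impersonatesGov(host)) reasons.push("government_impersonation_domain");
  }
  return { action: reasons.length ? "block" : "allow", reasons, sensitive };
}

// Constructed sample: look-alike host, invalid SSN (area 000).
console.log(guardSubmission("https://studentaid.gov.verify-account.example/login",
  [{ name: "id_number", type: "text", value: "000-12-3456" }]));
```

Checking the typed value as well as the field name matters because a phishing form can label its SSN input with any name it likes.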

4 threat indicators fired

85%  FAFSA application phishing attempt (fafsa_application_fraud)
80%  Urgent account verification request (account_verification_urgent)
90%  Social Security number requested (ssn_request)
75%  Fake government domain detected (government_impersonation_domain)

Recommended actions

  1. NEVER enter your SSN via an email link
  2. Navigate to studentaid.gov directly by typing it in your browser
  3. Contact your university financial aid office to verify any FAFSA requests
  4. Report this phishing email to your university IT security team
  5. Check if your FSA ID has been compromised at studentaid.gov

The cost of no protection

$1B: Fraud prevented by DOE
$90M+: Still fraudulently disbursed
150K: Suspicious FAFSA submissions flagged

Why students are prime targets

First-time FAFSA filers
Freshmen don't know what legitimate FAFSA communication looks like. A 'verification required' email seems perfectly normal to them.
SSN is the skeleton key
One stolen SSN enables years of fraudulent FAFSA applications, tax fraud, and identity theft — the damage compounds over a lifetime.
Financial pressure creates urgency
Students terrified of losing financial aid are more likely to act quickly on verification requests without questioning legitimacy.
Scattered institutional response
Each university handles FAFSA phishing differently. Some warn students proactively; many don't know about the campaigns until after students are victimized.

Purpose-built financial aid protection

FAFSA & Financial Aid Phishing

8 dedicated signals detect FAFSA verification scams, Pell Grant fraud, phantom student enrollment, and financial aid refund diversion.

Government Impersonation

Identifies fake .com domains impersonating studentaid.gov, IRS, SSA, and other government agencies. Detects visual and URL-based mimicry.

Identity Theft Prevention

Blocks SSN, date of birth, and FSA ID submission on unregistered domains. Form guard intercepts before sensitive data leaves the browser.

Campus-Wide Threat Intelligence

When one student at your university encounters a phishing campaign, the entire campus benefits from shared threat detection.

With suss. vs. without

Without suss.

  • 'FAFSA flagged for verification' email arrives
  • Stressed student clicks link immediately
  • Fake studentaid.gov page looks convincing
  • Student enters SSN, DOB, and FSA ID
  • Attacker files fraudulent FAFSA applications
  • Student discovers fraud months later when real FAFSA is rejected

With suss.

  • Email scanner flags FAFSA phishing in Gmail
  • Warning badge appears — 'FAFSA Phishing Detected'
  • If clicked, page analyzer detects fake government domain
  • Form guard blocks SSN submission on unregistered site
  • Student contacts financial aid office to verify
  • Identity protected, financial aid intact

How the pilot works

1. Deploy via Chrome Enterprise
Push the suss. extension to all campus Chrome browsers. Students and staff are protected from day one with zero training required.
2. Register legitimate university forms
Campus IT registers official FAFSA portals, Workday, and other sensitive forms. Any unregistered form requesting SSN or credentials gets blocked.
3. Three-layer protection activates
Email scanner, page analyzer, and form guard work in concert. Even if two layers are bypassed, the third stops the attack.
4. Campus dashboard shows campaign reach
IT security sees how many students were targeted, which departments are hit hardest, and which phishing campaigns are active — in real time.

Start a free 30-day pilot

Protect your students from FAFSA phishing with three layers of defense. Deploy via Chrome Enterprise in minutes — zero training required.

$1B in FAFSA fraud in 2025. Your students are being targeted right now.

Free for qualified universities and government institutions

524 scam signals
8 FAFSA-specific
94.5% precision
93.2% recall