Since 2020, higher education has undergone massive shifts that have modernized the sector.
Over the past few years, propelled by the pandemic and increased availability of high-speed connectivity, the education sector has digitized at lightning speed. This shift has enabled remote learning, innovation, and streamlined administration.
Increasing digitization reflects where education is headed longer term. According to research firm Encoura, some 99% of university chief online officers expect an increase in online instruction, up from 70% who expected one before 2020. Digitization has also enabled immersive hands-on learning experiences and increases in research innovation. In administration, digitization has streamlined time-consuming tasks such as enrollment and ongoing student communications,
But the growing use of technology in education has also introduced new security threats. One is the use of malicious bots, which are flooding higher-education systems. According to a CalMatters article, for applications at more than 100 California community colleges, more than 20% of student “applicants” were in fact bots.
These bad bots create fake accounts, enroll in classes, gain access to school services and, ultimately, steal money by applying for financial aid through these fake accounts. In many cases, these bots attack multiple universities simultaneously, which gives them reach and scale.
When bots successfully infiltrate university systems, they can wreak havoc, emailing students with seemingly legitimate “.edu” email addresses to perpetrate other attacks, skewing class enrollment numbers, and defrauding institutions of funds and resources. In some other cases, fake students post to class discussion boards and submit assignments, creating time-consuming work for professors to identify bots, and remove them from class rosters or remove their content.
With the return of in-person learning over the past couple of years, many school administrators had hope that the impact of malicious online traffic in campus life would subside. But, in fact, school administrators in the CalMatters article noted that the presence of bots has accelerated in 2024.
Bots in education have had a variety of negative outcomes:
Disrupting student learning, skewing data. As educational institutions digitize, many have turned to online systems. That shift has, in turn, boosted bot enrollment in higher education, particularly for online classes. As a result, bots can flood a course with enrollment requests. The deluge can block real students from getting seats in classes and also skews data on true demand for that course. Because bots enroll in multiple institutions, it also skews data sector-wide.
Stealing financial aid. While financial aid scams aren’t new, technology such as AI makes bot-driven fraud easier and more prevalent. According to the HUMAN Enterprise Fraud Bot Report 2023, while legitimate traffic dipped in 2023, bad bot traffic rose by 102% year over year.
HUMAN’s follow-up, The Quadrillion Report: 2024 Cyberthreat Benchmarks, reveals that, in 2023 alone, more than 200,000 fake account creation attempts and 40,000 post-login account compromise attempts were identified per customer within many sectors. This scale of automated fraud highlights the increasing sophistication and volume of these attacks.
Wasting university resources. In addition to stealing money, “ghost students,” or bots, can use a school’s cloud storage, VPN, and other online services reserved for students, faculty and staff. They can also use newly acquired student email addresses to commit other scams.
Further, faculty at many colleges are spending valuable time trying to authenticate real students and reject fake bot students from registering for classes. In some cases,
Increasing student acquisition costs. It also costs universities money to market to prospective students. Bots can drain marketing spend on targeting fake accounts rather than potential students. The acquisition cost for new students is high ($2,795 per student for a four-year private college). Colleges and universities also spend quite a bit on keywords, looking to hit enrollment targets.
Maintaining a secure, fraud-free environment is essential for educational institutions. It's vital not only to protect financial resources but also to ensure that real students can fully engage in their education without the disruptions caused by fake accounts and automated bots.
The HUMAN Defense Platform, including product suites Application Protection and Account Protection, helps higher education combat these threats effectively. HUMAN technology safeguards institutions by blocking the automated creation of fake accounts and monitoring post-login activity for suspicious behavior, ensuring that your systems are secure and your resources are protected.
Key capabilities include the following:
Keeping your institution safe from fraud is not just about protecting money—it's about ensuring that real students can learn, engage, and succeed in a secure environment.
Learn more about how HUMAN security can stop bad bots, fake accounts, and fraud.