It seems like they're attacking the wrong end of the problem by trying to detect fake students in the classrooms. If the issue is that people are signing up for financial aid and then disappearing with the cash they'd be better off making sure that the people who get financial aid actually are who they say they are before sending them money, or better yet stop giving cash as financial aid and instead give some type of credit that can only be spent on/at the school.
Once scammers can't get access to the money the problem of bots in the classroom will mostly go away.
Are these bots successfully completing FAFSA forms to the government?
And the government is successfully generating ISIRs to send to the schools?
If yes, then this is a federal ID verification issue.
If not, why are the schools sending aid payments sand ISIR? Or does CA run its own state-level aid programs that skip the federal forms completely (and botching the ID verification on their own)?
Or are all of these effectively stolen IDs? Where the FAFSA and ISIR are for real people (but people who aren't actually students)?
The article is missing a LOT of details, what a waste of time.
There's no such thing as identity theft, it's all bank fraud or in this case student aid fraud. "Identity theft" is a term coined by banks to try to make it sound like random people should have to deal with the fallout of the banks' bad identity verification practices.
If the student aid system verifies identity by, for example, just validating that the applicants know a single 9-digit number that after the Equifax breach should be considered public information, that is a critical problem with their identity verification system and it should be patched.
> "Identity theft" is a term coined by banks to try to make it sound like random people should have to deal with the fallout of the banks' bad identity verification practices.
Wow, great point. I admit: I have been tricked by financial institutions to believe this term! Another (US military) term that is similarly misleading to me: "surgical strike". If they blow up the bus stop in your neighborhood with a cruise missile fired from 300km away... well, you won't ever feel safe in that neighborhood again... so the strike is certainly less than "surgical".
surgical in this sense means only blowing up the bus stop instead of leveling 6 blocks with a MOAB. Your feelings about safety are supposed to be negatively affected by a bomb. Whether that bomb is a precise or strategic bomb is immaterial.
In places like Gaza, "surgical strike" often means "only" blowing up the support pillar of an occupied multi-story apartment complex in the middle of the night.
I’ve long wondered why victims of this fraud don’t more often sue the institutions that granted fraudulent accounts, for any and all damages and cost incurred.
When someone tricks a bank in a way that harms you, the legal question governing your recovery from the bank is, “Did the bank act negligently, and did that negligence cause you harm?”
Unlike normal life, where “negligent” means “I didn’t enjoy it,” under the law there are several required elements that constitute negligence. One required element of negligence is that for a party’s negligence create liability, the alleged negligent party must have owed the harmed party a duty at the time of the breach of that duty.
Duty can arise in several ways according to state common and statutory law. For example, a doctor owes the duty of the standard of care to his patient. A driver owes the duty to drive the speed limit to other motorists. The question of whether duty exists in any situation is a complex question of law.
One thing that isn’t complicated, though: in every jurisdiction I’ve researched, a bank owes no duty to a non-customer.
This is why victims of identity fraud don’t sue the bank that granted fraudulent accounts: there is no negligence and will this be no recovery. (With the caveat that I’ve seen people who were harmed by a bank where they randomly happened to have an account… in this circumstance, duty can be ascribed to the bank because a banker-customer relationship in which duty is rooted exists).
Corollary: open an account at every major bank to establish a duty-relationship everywhere.
Poor startup idea of the day: Accounts-at-every-bank-as-a-Service.
Read Ross Anderson book Security Eng., it deals a lot with these types of issues. In short, banks try not do anything about as long they do not have to pay for it.
I suspect the issue is similar here with the multi stakeholder problem here. The college needs as many paying students as possible, the workload of the staff should be as low as possible, the office giving out loans wants to have a low workload... All in all good scammers will serve all these needs and happily take the money in the process.
> "Identity theft" is a term coined by banks to try to make it sound like random people should have to deal with the fallout of the banks' bad identity verification practices.
The problem isn't the banks, the problem is that unlike Europe where in most countries it's commonplace for everyone to have a government-issued ID document, the US does not have that requirement and so companies of all sorts abuse documents not meant for that purpose like SSNs or driver licenses that can be trivially forged.
Banks can't invent security out of thin air when a significant part of the US population believes that mandating possession of one is a surefire way into a dictatorship or whatnot.
About 3% of the us adult population doesn’t have government issued photo id. So if the issue is forgery say so, it’s not a lack of id or a cultural norm against it.
4.2% of US _households_ are unbanked. Banks refuse customers for many less extreme reasons than “can’t verify identity” which is in fact a requirement for them with all of their federal and state regulators.
>How many billions would a major bank loose in a lawsuit, if they did the sensible thing and refused to deal with 3% of the population?
Zero. Because FINCEN/KYC[0] laws in the US mandate identification for all customers.
Which means that at least 3% of the populations is "unbanked"[1]:
Some reasons a person might not have a bank account
include:
Lack of access via a nearby bank branch or mobile phone
Minimum balance fees
Distrust of the banking system, typically due to lack of transparency
regarding fees and deposit timing[1]
No access to government-issued ID, which is required to open a bank account
To avoid delinquent debts, such as creditors seizing the account in
judgements, or the government collecting back taxes or child support
> About 3% of the us adult population doesn’t have government issued photo id.
Add on top of that undocumented people or the issues surrounding the Native American population and their partial autonomy rights, and it becomes a mess very very quickly because it won't stay at "about three percent".
What? US banks won't bank you if you don't have 27 distinct forms of government ID and a recent rectal exam.
And then they have someone with an incomprehensible accent in a call center that probably also runs scam calls calling you up and asking for your password as part of their ordinary SOP.
They deploy fancy new tech like "verifying your voice" with some AI crap while simultaneously not allowing your password to have more than 8 characters. (Which must have two symbols but if one of them is ` you'll experience random spontaneous logouts).
There may be many causes of the disaster that is bank security, people not having ID is absolutely not part of it.
We need a better phrase, like “impersonation fraud” or something, which focuses on the two parties actually involved. You can’t actually steal somebody’s identity of course, they are just an uninvolved third party.
Eh, I'd say it's a bit more complicated than that.
Quite often the impersonator had nothing to do with the collection of the identity itself. There are people that 'copy' things like insecure online information around identity, but there are also people that physically steal things like drivers licenses and birth certificates. This is the stage of a crime that I'd consider actual identity theft. After that you have black market information brokers. They didn't capture the identities in the first place. They don't directly use the information to impersonate others and yet they are still complicit in a crime. Then you have the final stage of impersonation fraud as you state.
I want to be pedantic, it is not the identity they’ve stolen in the first case, but the documentation of the identity. A person’s identity is just intrinsically part of the person.
>A person’s identity is just intrinsically part of the person.
Is it?
If I look at least somewhat like you, grab your ID, and stuff you in an incinerator then any ID system that does not take detailed biometrics will have no clue if I'm you or not.
Saying identity is intrinsic is tantamount to saying "I am that I am". I mean, that's cool and all, but that tells me nothing about who you actually are.
There is nothing intrinsic about your name for example. This can and does change for people.
Again, same with location where you live.
We spend our entire lives grown up and getting old, so how we look adapts.
Then you get down to bio markers like fingerprints or dna, but these are recent inventions when it comes to human identification and take a fair bit of technology to use successfully.
Interestingly enough the US seems to have between 1.5 and 6 times more of such cases than Europe (the numbers I found are a little bit fuzzy and use probably different methodology when collected, so this could well be an entirely statistical phenomenom).
I was curious, because I (living in central Europe) could not think of a single case of identity theft in my social circles or a prominent case I ever heard of.
The US does identity verification by asking for a driver's license (which has no chip or biometric data) and possibly a series of questions about your past drawn from public data. All of these credentials are laughably easy to spoof. Compare this to Europe, where every resident has an eID containing a keypair and X.509 certificate signed by the government containing their personal details. It is trivial to check the validity of these cards and nearly impossible to forge without subverting either the national PKI or printing apparatus
> Compare this to Europe, where every resident has an eID containing a keypair and X.509 certificate signed by the government containing their personal details.
Woah. First, on HN I keep seeing this term "Europe". Europe is 50 countries. Please try to be more specific. Did you mean EU? If yes, then my question: Really? All 27 EU nations support and actually use this identity programme with financial institutions? I never heard about it. And, just saying that it exists isn't enough. Do normies use it (like your parents & grandparents)?
It's currently being deployed across the european union[1], I think the 2026 target they gave it's a tad too unrealistic, wouldn't be surprised if we get major coverage not until 2030.
That target is for the new and improved version where you can use NFC to self-identify on the web. The old version (with a smart card inside, so only offline auth) was rolled out in Germany in 2010.
Can't remember if they ever released the 1st version either in Italy or France, a few days ago my septuagenarian mum got the NFC enabled one in Italy.
The iOS app is surprisingly decent. She could still request the old, paper-only id but this one could be also used to pay for local ordinances straight from her phone, and it's less cumbersome than the SPID-based[1] authentication.
It's an EU thing. Yes, normies do use it, as it is a chip embedded in your personal ID card and your passport. You hand your ID to an officer, they read the chip data and verify the signature. You don't have to know anything about how it works. It also contains biometrical data (your fingerprints, etc).
Implementation of eIDAS is still in progress. It's not even mandatory for every citizen to haven an eID until end of 2026. And it's also not used yet everywhere for everything. But it's gradually growing.
The first time I had a chance to use was just some months ago, when I could activate a SIM-card online through and my smartphone reading out my ID-card via NFC. I pay daily via NFC, but it's the first time ever I had to use the chip in my ID-Card, despite it having one for 15 years now. Laws and regulations are good in theory, but reality can be often quite a bit different.
Fingerprints are collected only from criminals or people who visit US. Why did Europeans agree to being treated like criminals or tourists I don't understand.
>Fingerprints are collected only from criminals or people who visit US. Why did Europeans agree to being treated like criminals or tourists I don't understand.
Only if you assume that anyone who works for a SEC regulated company[0], applies for a California driver's license[1], current and former US Military personnel[2] healthcare workers, teachers, real estate agents, child care providers and others[3] are either "criminals" or "tourists."
If so, into which bucket would you place CA driver's license applicants? Criminals? How about US Military personnel? Tourists?
Don't know about the whole Europe (or EU) but I strongly suspect it is indeed (almost) everywhere. I'm Turkish and Turkey has it too. And yes, my mother uses it, and my grandparents used it when they were alive. You can't do anything government-related, open a bank account, or even visit a hospital without your government-issued ID card (which contains a chip). And a few decades ago, before the chips, there were other security measures tied to ID cards.
We don’t have a national ID system, just a single, poorly suited Social Security number that’s been overloaded to serve as our entire identity in the eyes of the state. These numbers are effectively public knowledge, thanks to private credit agencies created to fill the gap when banks failed at risk assessment. We could’ve replaced this broken setup decades ago, but there’s a vested political interest in ensuring federal programs fail, to justify further privatization and the dismantling of social services.
A proper national ID and strong privacy laws would be obvious policy wins, but that would require competent lawmakers.
In my lifetime, the most consequential federal legislation has been the DMCA (1998), the Patriot Act (2001), and Obamacare (2010), which effectively marked the end of meaningful legislative power and the handoff of governance to the executive branch.
What about ID.me that irs.gov uses for tax-related matters? When I tried to get it once, it is pretty hard to get authenticated -- required 2+ gov't IDs, plus pic of yourself holding them. That should be pretty safe. Not good enough? (Overall: I agree. There is no concept of a national ID in the US, except a passport which huge numbers of people do not have.)
I'm not Christian and I don't want a federal ID. I don't even want a state ID but I will eventually be taken to prison if I continually get caught driving without one.
Coincidentally and/or anecdotally I've never had my identity stolen.
The last big push for a secure national identity system was during the 90s as part of the negotiation on the Illegal Immigration Reform and Immigrant Responsibility Act of 1996. It was opposed by fundamentalist Christians then, but it was more vociferously opposed by civil libertarian groups like the ACLU and the EFF, Cato, as well as immigrant rights groups like La Raza.
Half of the house Democrats, not exactly a group known for kowtowing to religious fundamentalists, voted against improving the design of social security cards. If 16 of the 91 that voted against the McCollum amendment had flipped from Nay to Yea, this would be a solved problem.
> I was curious, because I (living in central Europe) could not think of a single case of identity theft in my social circles or a prominent case I ever heard of.
But there’re tons of scams involving stealing your personal id and security codes. It’s wide spread from Belgium to Estonia.
There's apparently no good way of doing this. Denmark have a system for identifying yourself online. It has a 2FA component, either an app on your phone, where you have to swipe or something (I don't use it) or a physical code generator. It should be basically impossible to break, except it's not, because people will get calls from "their bank" asking the to do the 2FA stuff. Basically any measure put in to prevent this is being circumvented by people believing that the bank, who barely wants to deal with customers, would actually call them up Thursday evening.
I think the current solution is to have users scan a QR code, if they are on a different device than the one with their authenticator app. I haven't hear of anyone with the hardware token being scammed though, but most of the people who have the hardware version, do so because we don't even trust an app on our phone.
But yes, there are PLENTY of cases of identity theft even in countries with electronic identification solutions.
One thing the US could do, but won't, is have an account registered with the federal and state governments. Any money coming from the government should ONLY go to that account and it changing it should require a thorough identity validation.
Often issues such as this are the result of people involved in the verification process, being bribed or taking cash for approvals. This is even more likely to happen if you outsource part of the process.
>Often issues such as this are the result of people involved in the verification process, being bribed or taking cash for approvals. This is even more likely to happen if you outsource part of the process.
Often, posters on HN engage in pedophilia, tax evasion and satanic rituals. This is even more likely if you allow just anyone to create an account.
That's ridiculous, right? Because I provide no evidence for my statement whatsoever. And yet, I manage to paint every HN user with that broad brush.
It's an example of 'reductio ad absurdum'. If you have any evidence that your hypothesis is any more valid than mine, please do provide it. Otherwise, you're just smearing people without any reason except to validate your world view.
> If you have any evidence that your hypothesis is any more valid than mine, please do provide it.
I don't know about evidence, but logically your example is bad. One is talking about specifically fraud issues, and their most likely cause. You're just generally talking about people.
Social engineering hacks are the primary hack. If you're not familiar with them, you aren't security conscious.
SIM card swaps have been reportedly repeatedly, as being a social engineering hack. Often the exchange has been done via gift cards or crypto. More than one such hack resulted in millions being stolen.
Your attack dog response is quite unwarranted. Why are you so upset at a generic comment, indicating that fraudulent identity verification can be done on both ends?
Do you imagine that university admissions employees are perfect, uncorruptible? Is this some weird, US political minefield?
>Social engineering hacks are the primary hack. If you're not familiar with them, you aren't security conscious.
You didn't say that financial aid administrators were being "socially engineered. Nor did you say that they had their SIMs swapped. Rather, you said[0]:
"Often issues such as this are the result of people involved in the verification process, being bribed or taking cash for approvals."
That might well be the case here. But unless you actually have even a shred of evidence (do you? if so, please provide it), you're painting thousands of people with the same broad brush.
>Do you imagine that university admissions employees are perfect, uncorruptible? Is this some weird, US political minefield?
I do not. But I also don't make completely unsupported accusations/attacks against random strangers as you did. Not a "political minefield" at all. You were just talking out of your ass and I called you on it. Full stop.
We are discussing, in this sub-thread, methods by which people masquerade as others, stealing funds, abusing resources, and so on. The post I replied to was musing, essentially, "How could this possibly happen!?"
My statement is entirely valid in this context.
Social engineering attacks are a well known method to hack, and masquerading as others is indeed a hack.
> If not, why are the schools sending aid payments sand ISIR? Or does CA run its own state-level aid programs that skip the federal forms completely (and botching the ID verification on their own)?
If I had to guess, this is probably to make the process easier for illegal immigrants, this being California and all.
I have a number of family members that work at different levels of government facing the public. Based on your rhetoric and their stories there's a high probability that you'd fall under the group I'd consider 'howlers'.
What is that?
The people that blame everyone else for problems without understanding any of the complexity of the system. Everything is some scary other persons fault. Then later they have to interface with the system after the laws they have promoted and they are aghast about how abusive the system has become.
I got to see this in person just a few days ago. I was renewing my license in Texas and had a stack of all the proper identification that I needed because I triple checked online on what I'd actually need. In front of me was an older gentleman that evidently had waited till the last day to renew his license. He didn't have any of the needed documentation, in this case his birth certificate. The clerk told him that unless he had that record he could not renew. He was all pissed and storming out and said "I bet it was the democrats that make us do that!".
It is this wild disconnect I see quite often where I see people that want others inconvenienced, you know people from other places or people that don't look the same, but proceed with shock when the rules apply to them also and start howling about it.
> He was all pissed and storming out and said "I bet it was the democrats that make us do that!".
If your story is actually true, that man is somehow oblivious to the fact that Democrats are the ones always bringing up the “it’s so hard to get a driver’s license! And racist to require one for anything!” arguments. I’m not sure how you’ve come to the conclusion that I want to inconvenience people out of spite. I’d like to inconvenience illegal immigrants from getting their education subsidized by citizens. California wants the opposite.
Go in an sit around any precinct courthouse or state document renewal facility in Texas in the lobby for a week and you'll see it multiple times a week. It's not some particularly rare occurrence.
The sovereign citizens are common too, and they really start howling commonly having to get escorted out.
It's been a few years since I was in college, but back in the '00s when it was relevant to me, there was nothing I could do to get cash. I submitted financial aid documents (to include federally-subsidized loans), and money went from the lender to the school. If there was an underpayment, I had to submit more docs and the lender sent more money. If there was an overpayment, the school refunded the lender and my statement was updated.
Other than completely unsecured private loans how the hell are 18 year olds getting cash for their student loans?
I got a cash deposit for living expenses. I had to pay rent, after all, while out of town at school. Hell, I needed food too. The payment to the school was handled exactly as you say.
Yeah I’m puzzled by this too - I suppose it helped that I wasn’t living in school housing, I was living at home for most of college, so my only college expenses were tuition, transportation, and supplies, all of which could be paid directly by my loan issuers but - yeah, I never saw a cent of cash, either through student loans or financial aid, it all just went directly to my school.
People in those circles generally believe that college education should just be free for all residents. Which is an internally consistent position, since if everyone is eligible, there's no need for verification. It's specifically the programs that restrict eligibility that don't make sense if you can't verify said eligibility (which starts with verifying identity).
Maybe I’m not in those circles but college should be $1000/semester imo. A lot closer to free than it currently is. But the way to get there isn’t financial aid, it’s…charging only $1000/semester.
Similarly, there are mechanisms that allow victims of crimes to seek help from the police without fear of deportation.
Makes sense to me. I'm much more worried about road safety and crime than people coming to the US then paying payroll and sales taxes, but not being able to claim federal benefits.
When I did my degree many moons ago in three UK I got a student loan like many people. The loan company sends the money directly to the university not the student. Weirdly though when I did my masters they sent the money to me.
Students aren't able to get into classes when bots are taking all the spots. Teachers actually care about educating students so they don't want to have their time wasted by bots. There's only so much loan money to go around and the schools want to get that cash into their own pockets, but the schools don't get any when scammers are running off with it to funnel money to other countries or whatever else they're doing. Similarly, students who really need the help can't get it when it all goes to someone who isn't interested in paying for education.
Schools have another problem with "ghost students" in general which is that there's a lot of other stuff going on at schools that depend on real students being there. Vendors, club activities, sporting/social events, nearby bars and restaurants etc. There's an entire ecosystem on and around campus which is created or supported by real students. All that non-classroom stuff helps make the school more attractive to students and often directly generates income for the school as well, but little of it would exist or be worthwhile if the campus is a ghost town.
When I was at community college (~ 2000), if the section you wanted was full at registration, you'd register in another section (in case), but show up at the section you wanted and talk with the instructor. Depending on the course/instructor, you'd might need to show up for the first week and anybody who hadn't attended in the first week would be dropped and those who had attended but weren't registered could take those spaces. Sometimes the instructor would do that at the first meeting. You'd go to the section you were registered in as well, and let the instructor know there (sometimes it'd be the same instructor and then maybe you wouldn't need to attend both sections). Not ideal, but registration order was based on completed credits, and after one semester it got a lot easier to get into the sections you wanted; students (real or not) that haven't completed any classes get to pick sections last, so once you've shown you're willing and able to complete classes, you're good. (Protip: check if taking any class in the summer will help you get into the sections you want in the fall)
At that time, you could drop classes in the first two weeks for a full refund.
That works pretty well for a full-time student, but two points...
- If you're working/raising a kid/whatever, you don't necessarily have the time to drop into classes that might be full. There is likely a non-zero number of people who see their preferred section is full and don't move beyond that (people taking one-off classes, or slowly working through a professional certificate).
- That's a lot of extra mental bandwidth for all involved. Yeah, it works, but life would be better if it wasn't the norm.
The lost money comes from the taxpayer. But that loan money was going to be used to pay the school; and presumably if the student doesn’t have that loan money, they ain’t gonna be paying (or attending, because they can no longer afford to do so). So schools should care. And the students should care — they don’t get to join the school. And the government should care — their funds just went into a void. And the taxpayers should care — their money just went into a void, and some number of their kids just got denied college access.
> But that loan money was going to be used to pay the school; and presumably if the student doesn’t have that loan money, they ain’t gonna be paying (or attending, because they can no longer afford to do so). So schools should care.
I don't think this is a correct model of the situation. As far as I know, it isn't the case that there's a fixed budget for student loan disbursals and all of it will go to some school or other unless it gets stolen. Rather, if more people ask for student loans, more money gets disbursed, and if fewer people ask for loans, less money gets disbursed. So the amount of money the school gets wouldn't be affected.
Well, we’re focused on extracting as much money as possible from people who try to pay loans with awful terms. Meanwhile, the banks have no incentive to do meaningful vetting as the loans are guaranteed.
Uh, federal financial aid is absolutely all of our money (acquired from taxes).
And loan fraud just drives up the cost of loans for everybody else.
And the overhead of fighting this eats into school resources, driving up the tuition that's forcing the loan in the first place.
And as a professor/instructor, that's money that could go to funding more tenured positions (vs adjunct spots or other "non-permanent" teachers).
So, sure, without putting much thought into it, an individual might not care. But after any thought at all, one should see that fraud drives up the cost for all of us.
> And the overhead of fighting this eats into school resources
Not if they continue to ignore it, because once again, it's not their money being sent to scammers.
> And loan fraud just drives up the cost of loans for everybody else.
Doesn't sound like a problem for the involved parties.
> So, sure, without putting much thought into it, an individual might not care. But after any thought at all, one should see that fraud drives up the cost for all of us.
You might care. I might care. But I guarantee that the involved parties do not care for even three seconds of their day about it. They have much more important things to think about, such as what color of the ballons for their kids next birthday party.
> But I guarantee that the involved parties do not care for even three seconds of their day about it.
yes -- based on real life interaction with real low-level accounting middle class bureaucrats in California, I agree that most of the people who are professionals in Federal student aid do not personally care about this bigger system. More importantly they care about their own paychecks, which most of them use to buy things for their own family events.
> Of the 40 students enrolled in her popular introduction to real estate course, Pugh said she’d normally drop three to five from her roster who don’t start the course or make contact with her at the start of the semester.
Key word: "popular."
A dean's most important question: "How are we gonna pay the bills?"
Well, if the number of ghost students in a department's popular class just doubled and eventually get dropped from the roll, that means the number of bona fide students completing that class also went down.
If you're the professor of that class, you want to make it crystal clear to the dean that this is an otherwise popular class getting hit by a scam, and not a class that's organically becoming less popular year over year.
Communicating this distinction to the dean is paramount-- the prof's pay and job stability depends on the scam being addressed for next quarter/semester. And those concerns bubble up from dept dean up the administration.
I mean, as I write this I start to wonder the opposite of you-- how could anyone in this chain of authority not prioritize addressing this issue?
I don't know what CCSF's problem is, but this is the second major fraud case I know of that involves them specifically.
A few years ago (this was pre-pandemic, around 2018-19), you could buy those "unlimited-storage, never-expiring" Google Drive accounts online. I was curious about how they worked, and it turned out a few of my less knowledgeable friends had some. The ones I could get my hands on were all @ccsf.edu addresses, with randomly-generated but somewhat plausible-sounding names and surnames (something like "Zyx Ngehirda" or "Anqomi Horezis", names made up but it's roughly what they looked like).
From what I could figure out from these, I think you were able to sign up as a CCSF student with very little verification, and as long as you didn't take any courses, you didn't have to pay. You still got all your accounts set up though, including Google Drive, and you could sell those for a profit.
The accounts weren't actually as unlimited as the seller claimed, I asked a few months later and they were apparently shut down by that point. One person reported receiving an angry email (on that Google account) notifying them that the account will be removed if they don't sign up for a course.
This scam must have been heavily automated and very widespread, the accounts were sold on Allegro (Polish Amazon) for $1-$2. It's possible other institutions were involved too, the few accounts I knew of were bought at roughly the same time, so they could have come from the same "batch."
This is easy money for schools, students and faculty. Everyone except the taxpayers are making money. I taught at a CC and this went on for years-real students enrolling and not attending, false identities enrolled, no mandatory drops for students not attending or doing work. Why? Well, between Pell grants, scholarships and other grant sources, "students" are making 10-30K tax free, the school keeps all the payments if the "student" stays enrolled through census date as well as keeping all of their grant money, indirect and directs on TRIO grants, etc. Faculty sign these students out after the census date, thus having an EASY class(and breaking the law--that form requires a date of last attendance). I was not in CA and I watched dozens of students do this and the college was "blind" to the fraud...very convenient. The 'agonizing' problem is the scrutiny on a multi-million/billion dollar scam. We need students in these classes to call and report to ED when their class shows 20 enrolled but only 2 turn up each class. Offer them some student loan forgiveness and make then aware of what it costs them.
Like others mentioned, they describe the 'agonizing' problem, but don't explain how it works. The most charitable read is it's just plain old lazy journalism, the least charitable is they are hiding something and dancing around the issue.
What makes SF colleges susceptible to this? Are they implying it's incredibly easy for anyone to fill in a form online without any ID or verification and they get aid? Ok, why was that allowed? I am guessing it's to make it easier for people, to apply but also it looks good for enrollment -- "look at how many students we have". Being strict about verifying applications would mean also lower enrollment numbers. Some classes might not have enough students and would get cancelled. So someone there and possibly many someones looked the other way for many years.
> Starting February 2, 2024, CCCApply will be integrating identity verification through ID.me. ID.me will help protect student identities and prevent fraudulent students from taking seats in classes at CCSF. This is an optional feature for students.
> For students who cannot use ID.me, click on “Verify Later” to skip the ID.me verification process.
Ok, so still no need for any ID at all, it's all optional.
Yes, they want homeless or undocumented people from no valid identity documentation (from country of origin), minors? to have access. Ok, that's laudable, but shouldn't there be some kind of in person verification at least. I guess "verify later" is that part and it's skipped.
If you want to apply then you're funneled to either federal student aid, or California Dream act aid
One of those probably make it easier to apply to with a bot and without a valid ID. It would be nice of the article did that research instead of relying on random people do to it for them.
That's a good summary, thanks! It covers Pell Grants well.
> A former college president and financial aid director in Atlanta used the names of former students and individuals who never attended the college to fraudulently obtain $5 million in grants.10 ... In another case, two former financial aid advisers and a tax preparation business operator in Chicago were charged with filing fake tax returns to obtain nearly $1.5 million in financial aid for 75 students over a 2-year period.
That's interesting. Maybe it's worth taking a closer look at the college administration? They have both the access, the knowledge, the opportunity and even the official motive - to bolster admission numbers.
Perhaps they are targeting community colleges in general, because of the proportion of online course there is higher and they usually have fewer IT and administrative workers to keep an eye on things. That's disheartening, community college, are gems and it help many people get up on their feet who can't afford to go to the larger universities.
We are part of a system where each school is named College Name - City Name. And we were told that schools in towns earlier in the alphabet were getting hit before our school did.
I agree, I think it's dancing around the issue of identification, possibly undocumented persons, international students and cultural sensitivity. To push for greater identity verification could be interpreted by some as leaning in towards the mandatory ID political issue. Basically, schools don't want to be seen supporting mandatory ID because it makes them look aligned with the conservatives/Trump.
It’s not really about looks. If you collect this data, and enroll a student who is seeking asylum, the current administration will attempt to get this data from you to send your student to life in prison in El Salvador. Which is an impact a bit beyond looking aligned. (Of course, reasonable people can disagree about whether life in prison is an appropriate punishment for seeking asylum through legal channels)
> If you collect this data, and enroll a student who is seeking asylum
> a student who is seeking asylum, the current administration will attempt to get this data from you to send your student to life in prison in El Salvador.
That could make sense at one level, yeah. But doesn't US CIS already have contact information for all who applied for asylum in order to process the asylum application? And besides, this doesn't seem like an issue that just started this year.
Surely there is something that can be done in between "Giving them free taxpayer money without verifying that they exist" and "sending them to prison in el salvador for the crime of applying for asylum"
Sure. But "sending them to prison for the crime of applying for asylum" is the position in power at the moment, and they don't seem to be amenable to compromise. So you accept that as a fait accompli and design your own actions around that.
> But "sending them to prison for the crime of applying for asylum" is the position in power at the moment,
But if they applied for asylum doesn't the US govt already have their information in order to, well, process the asylum application. So, there is nothing for SF College to hide. Not saying that it all has to make sense, but that part doesn't seem to add up somehow.
> the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed, the spokesperson said
The optimal amount of fraud is non-zero. If your financial aid process actually has 0% fraud then it is guaranteed that (1) you spent more resources vetting applicants than saving from fraud and (2) a large chunk of deserving applications were denied in the process just to be extra careful. So the 0.21% seems pretty reasonable to me.
I think that depends on the ratio between detected and undetected fraud. Some fraud will only be detected once they find no one to pay for loans, or when the person being collected has go thru an insurmountable bureaucracy to prove they never enrolled it.
Given the evolution of the technology, I’d say 0.21% is neither static and guaranteed to raise significantly in the to near future if the identification issues don’t get solved overnight.
"The optimal amount of fraud is non-zero."
No, the optimal amount of fraud is ZERO.
The cost of fraud detection and prevention is different, but in an ideal society, the taxpayers aren't paying for fraud (because the people don't scam the government).
If fraud detection is so expensive, maybe it's important to be more selective of who has access to the community and keep the scammers out.
And how would you "be more selective" and "keep scammers out" without incurring more costs? At some point, it costs way more to prevent the last 0.1% or 0.001% of fraud than would be saved by preventing said fraud. And the cost might be paid by non-fraud being detected as false positive.
Your salary was the exact kind of thing that needs to be balanced against the cost of fraud; if it was larger than the amount of fraud you prevented, then the company would have been better off just accepting the fraud as a cost of doing business. The closer you get to zero fraud, the more expensive it becomes to reduce it further (and the more likely your countermeasures will negatively impact the business in other ways), so there definitely is an "optimal" balance to be struck between fraud and preventive measures.
You don't live in an optimal world so what use is it talking about? Are you also doing your business calculations using frictionless spherical cows in a vacuum?
Simply put every living system on the planet earth has some amount of parasites. To have no parasites at all would require massive amounts of energy by the host to ensure said parasites don't exist. If the host can spend a much smaller amount of energy and ensure that 99% of parasites don't exist that is optimal thereby negating your original premise.
This isn't limited just to California. I teach at a community college in the midwest and we have encountered this too in our online classes. Last semester I had 3-4 in one online class that were fake but a colleague had about 1/3 of her class.
They start the class doing work so that means we have to grade it. I first became suspicious when these fake students were posting message board posts that were all weirdly indented like they were from an email reply chain. I thought it was weird until I talked to my colleague who had the same thing. Then one of htem posted a message that was "Hello, I am a student from [insert town name here]...."
We turned the names in and the university used an id verification system and got them out of the class.
> In the 2024 calendar year, the [California Community College] chancellor’s office estimates that 31.4% of its college applications were fraudulent, a spokesperson for the office told SFGATE. The chancellor’s office also considers it fraudulent both to apply to a college with no intention of attending any institution and to enroll in a college with no intention of actually showing up.
If these are the criteria, it seems hard to distinguish high school seniors that are going go through the motions, but don't actually intend to go to college from people who are trying to pocket financial aid without doing the time in the classroom. (Is it financial aid fraud if you legitimately qualify for the aid, and show up to the classroom with no intent to pass or graduate? If the aid is non-recourse, it might be reasonable as a person to do so)
Specifically for California Community Colleges, the stakes are so low for enrollment, I can see a lot of people enrolling just in case, then deciding not to go and forgetting to notify the college. California Community Colleges are an amazing resource, though; I think more people should use them, and more states should build out their community colleges using California as an example. When I was in school in ~2000ish, Wisconsin community college charged the same amount per credit at UW and the Wisconsin Community College system; which seems like a great way to get people not to use community colleges.
And elsewhere it says "the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed" which sounds pretty low and maybe not worth worrying about. "Zero fraud" sounds nice but probably costs more to attain than it's worth.
I see mentions of "bots" and "AI" all over the article but is there a single actual example that shows that the fake students are AI bots? As opposed to the much simpler explanation that real people are signing up, collecting aid and then ghosting?
California determines how much money each community college gets using the 'Student Centered Funding Formula' (SCFF), which has three parts:
- 70% based on # students (adjusted for whether they're part time or full time)
- 20% based on # students who receive Pell Grants or similar
- 10% based on student outcomes like graduation or transfers to four-year colleges
Fake students would inflate the first two. So, even if fake students deflate the final item (eventually), what incentive do community college leaders (who presumably care about the number of staff they're able to employ) have to expel fake students, or even to be honest about their prevalence?
Depends on how far up the chain you go. I can see some oddball situations created when vibe coding meets unsecured AWS access keys. Imagine a rogue prompt deploying a self perpetuating worm that creates scam apps and uses the funds to create more scams.
There've been so many scams in California, I suspect someone is designing scams into these programs. Whether it's unemployment, Calpers pensions or student loans, it seems California government is allergic to common sense.
This problem feels like the scalping problem with concert tickets. Make the person enrolled show up with valid ID at a registration event after classes start. Have a few options for when to attend and verify in person.
This would root out all fraud and feels relatively low barrier for a community college student who would presumably be in the community.
I don't think you even need to go that far -- the problem seems to be on the side of the verification of financial aid being too lenient, right? How is that vetting breaking down? The typical financial aid forms and process is a pain in the neck. Money people usually require all sorts of documentation before they actually send you money.
Increasing the amount of documentation disproportionately hurts real students (or real social welfare claimants, etc). The scammers can figure out getting the fake documentation once and then scale the process - that's literally their business.
To deter scammers without the real applicants paying for it, you need quality, not quantity: proof of identity that is harder to fake.
You could hire a company or staff a team that meets people where they are to do ID verification in person. This is essentially how buying a house works with title companies. You can go to the title company or they can come to you for a fee.
people who are most familiar with what exactly is needed to pass, are the administrators themselves. This is a corruption problem coupled with automation. source: california resident
no doubt the readers here are very clever, but also sometimes lazy in their questions.
Take a look at how real financial crime is done.. the ones that know what they are doing, not the amateurs. Obviously the first item in a plan is "what is the cost of being caught" and quickly, "how can I get this to happen without doing it myself and getting caught" .. so it is a cooperative agreement, to be corrupt. The most successful of the corrupt never do any illegal things at all, they simply look the other way. Next is finding someone desperate, or far away, to "do the crime" but the successful person is involved somehow, in the most distant way possible.
Do I really have to type this out? I am guessing anyway. Did I say "the admins are making fraud things at night?" no. They mostly do not, but that does not make them not involved. Read what I wrote, that is what I meant to say here.
I like to see if people are willing to be explicit with silly claims, instead of hovering at plausibly deniable vagueness. I agree that you were intending to say something plausibly deniably vague, as you did.
Probably. But I suspect for the average person community college is trying to help, more documentation is more onerous and actually harder to get right. Instead an in person verification would be less costly for them to engage in and more understandable.
Kind of defeats the purpose of online classes. Some of the students could be many hours from campus.
Either way, this shouldn't get as far as it does. You can't just sign up for a class and expect financial aid - there are forms to submit (usually prior to enrollment) to verify ID, income, parental income, veteran status, and a whole host of other factors that impact the FA award amounts and whether that FA is a grant (often federal) or a loan (sometimes gov-backed, sometimes not).
This is for community college though which I believe only allows access to the local community and provides aid to that sub group.
Also I disagree with the premise of online classes not requiring some portion of enrollment being in person. The two can be compatible and probably drops this to zero.
There are so many layers of fraud to make this scam work. Fake enrollment seems easy enough, but financial aid requires a valid identity with real tax info. If you've already stolen an identity to snag a tax refund, I guess might as well file a FAFSA.
But, the lion's share of financial aid goes directly to the school while only any remainder after tuition and fees goes to the student.
I feel like unless this is happening at scale committed by relatively few actors, the return isn't worth the effort... if there isn't some further institutional coordination helping things along
At a community college, the lion's share of aid goes to the student for books, living expenses, etc. If they get a maximum Pell(~6K), a scholarship for underserved(~3K) and student loans (upwards of 10k) for 4k tuition, they are pocketing quite a bit. The community college can then dip into the state and national funding (TRIO, job readiness, local employer support). One student eligible for financial aid at a community college is worth about 3x what one student paying their own way is worth. How difficult would it be to verify identity and enforce attendance? THey don't to inflate their numbers.
I don't understand what the actual fraud is. Yes, fake AI bots are posing as real students to get financial aid, but this is ultimately paid to the school, not pocketed by the "student". What am I missing?
The person pretending to be a student will actually turn in home work and attend virtually until the balance of the loan and/or grants are deposited into their bank account.
It's legit to have extra funds to pay for education related expenses.
That seems like a bad scam that carries a lot of risk vs. low reward. These are community colleges. It's not like tuition is 30k a semester. Then you have to have a bank account to deposit the funds, which can trace you back. The article states fraud was $10 million last year. That's not a lot.
I don't know. If I were a criminal I'd look for something that pays out more if I'm going to expose myself.
"Pugh said she’d normally drop three to five from her roster who don’t start the course or make contact with her at the start of the semester. But during the current spring semester, Pugh said that number more than doubled when she had to cut 11 students"
Sounds like these programs distributing aid are doing a poor job of verifying who's actually getting this money.
Surely this can't be completely anomalous? Certainly it's happened before where someone enrolls, receives financial aid, and then for any number of reason stops attending school? What happens then?
Or was that always a loss and now it's just easy to automate that scenario maliciously?
EBT cards exist for reasons like that. Issue a card with which you can pay for food, books, specific kinds of equipment, very much like many corporations give employees cards that are locked to particular classes of merchants. Limit the amount that can be spent on tangible goods; say, 80% should go to tuition. None can be transferred to cash accounts.
Maybe this would still allow some fraud, but much, much less profitable.
EBT was about reducing stigma and resale of food stamps and WIC. Even that was pretty limited — the amount of money skimmed for ATM fees from cash benefits exceeds fraud losses historically.
Same here. Creating some expensive and complex system that fights “fraud” that consists of people taking on lifetime debt is dumb. Make the services share the pain for bad underwriting and the problem goes away instantly.
I attended Community College exclusively on Pell Grants. My tuition was paid directly to the school. But we received a "textbook advance" of funds directly to our personal accounts, and whatever funds we didn't use for tuition could be used for any educational expense. Furthermore, I worked through the Honors program for additional scholarship money, and so there was more to be gained beyond covering basic tuition and textbooks. (Many classes used no textbooks at all, or free resources, so this was a pretty good deal.)
I had enough surplus to pay for a good APC UPS system as well as a 2018 Lenovo Thinkpad notebook. These were invaluable for my education, but they served me for years afterwards, personally as well as for employment.
I'm a current student at CSM and will be attending SFSU next semester after initially dropping out and working in tech for a decade. So I have some exposure to this and regularly discuss the topic with faculty and participate in remote courses where this phenomena is most likely to occur. While CSM is not City College, I think its a fair comparison.
I really think this problem is being overblown and I am concerned politicians, voters, faculty, and students, will be negatively impacted by this kind of click bait journalism.
This article sucks.
> These “ghost students” are artificially intelligent agents or bots that pose as real students in order to steal millions of dollars of financial aid that could otherwise go to actual humans.
This claim is completely unsubstantiated. It links to a generic and unrelated SF Gate article. As technologists this claim is plausible given the current state of AI technology, but can we please provide evidence - is it the interviewed teacher making this claim or the SF Gate writer? Are there other sources substantiating this claim?
> A spokesperson for the California Community Colleges Chancellor’s Office directed SFGATE to a Public Records Request Act request to obtain the exact numbers. However, the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed, the spokesperson said.
0.21% estimate of Community College disbursements. Not UC disbursements or CSU disbursements. Notice no monetary amount is mentioned.
---
There are real issues with "flighty" students who don't engage with the material, prolific AI use for many if not most assignments, and some really broken incentives.
There is also amazing free education for almost all income groups. Hard working students who have study groups and engage with faculty and eschew the use of AI because it detracts significantly from their education.
Happy to answer any questions about my experience over the past year completing an Associate Degree for Transfer - it is an excellent opportunity for California residents and I encourage folks of all backgrounds and age groups to explore the services they offer.
EDIT:
Calmatters [1] reported ($10 million) in fraud from community colleges in 2024, that's my bad in my haste to post a response I missed this point.
IIRC to collect Pell you have to be enrolled past the withdrawal deadline. The CCs are keeping the disbursement fraud rate low by filtering initial admissions (they are estimating >30% fraudulent applications) and then kicking out bots before disbursement. The point of these articles is that this is costly: CCC admin has to spend >$100M on IT on the admissions end, the faculty have to police their online courses in a way that is really uncomfortable (false positives mean you kick out a real student), and even unsuccessful bots take up seats that then go unused once you pass the add deadline. The CCs need reform of the disbursement process or these costs will keep getting higher.
it is predictable to attack the student point of view, agree there. What is also predictable is that casual, drive-by "concerned voters" who are typically decades past their own lean years in school, and care more about paying their own taxes than concern for young adults. The fraud here is connected to the administrators of the financial aid! They "slow walk" investigations (guess) since they are paid by the number of students who are active, and those numbers plummeted during Covid-19 and b) they are financially connected to the flow of money they look after. Community colleges are wildly varying in rigor and skill of administering. The whole political cover here is that casual observers (who might vote) quickly place blame on students or "distant others" .. How many mid-level accountants are owning vacation homes with extra money while students actually starve in high cost of living California? etc
I didn't ask seeking victory, I just want to know the truth. It's a valid question on the nature of people. Instead of feeling defeated, I'd have genuinely appreciated it if you'd responded with research that supported your position.
You're at least the second person today who I've asked for a source. I was surprised by what I learned the last time and I'm glad to have learned what I did.
You don't have to feel defeated for not having sources to back up your world view either. Maybe you've lived your life surrounded by terrible people who genuinely wouldn't help someone else more often than not. Maybe it's made you bitter and sarcastic. Maybe it's worth considering where that bias comes from and how well it actually applies to the world beyond your own experience. I asked because I think it usually is. After all, maybe I've just been really lucky and it turns out that people really are most often just selfish and unhelpful. I wouldn't consider being wrong about that a loss or failure on my part, but I would take learning something new to be a win.
Also, since you brought it up, I'm pretty sure I have fact checked a song at some point. Not that song, but I'd guess that I'm not the only one here who has at least once. Folks around here tend to be curious about stuff. Most of the time, requests for sources or more information shouldn't be interpreted as an attack.
It's only with life experience that you get a "source" for general ideas about life and people. The idea of a "source" for a world view of philosophical perspective is contradictory.
Those who will take action based on a moral conviction, which doesn't have any discernible benefit for themselves or for the people they care about, are few between. And fewer yet in the world of academia and distribution of public funds. I wouldn't make my original comment if the topic was about a different sector.
Make your own observations about people and you will come to your own conclusions. What I've seen is that people might be idealistic when they are young, but when they're old enough to actually make a real difference, then very few will keep any convictions instead of putting them on the shelf and focusing on personal benefit. I refer to actions which truly make a difference in day-to-day life. Not voting, putting your name on a list, protesting or such.
> Maybe you've lived your life surrounded by terrible people who genuinely wouldn't help someone else more often than not.
This doesn't really apply to the people we surround ourselves with, as we all choose to surround ourselves with those people who treat us well. And there's benefit in helping your friends and family. Now consider somebody the handling the benefits payments of people completely unknown to her, who are just names in a database.
Since you sincerely want to have a productive conversation, I would like to give two different reflections on humanity, they a little bit of two sides of the same coin.
One is that you should never judge yourself by how others judge you. But most people make this mistake. It's natural, since children grow up in some kind of stable "community". The problem with this is that most people do not have enough experience together with you to make any sort of judgement, it's usually mostly from gossip and prejudice. It leads to a lot of unnecessary frustration among the youth to have to struggle with this, and unlearning this usually only comes with experience of being an adult. Because once you get older you have already met and dealt with so many people in life that you know that how they treat you says nothing about you and everything about them as individuals.
The other reflection is a flip on the golden rule. "Treat others as you wish to be treated", but this doesn't cut it anymore in modern times because very many people see themselves merely as numbers for the government, so they want to be treated like shit by their superiors and want to treat those below them as shit.
I say instead "Treat others as if they are the best". Especially when employing young people I've used this rule. Meaning, I will treat them as if they are honest, hard-working, reliable and intelligent. Because they will then automatically behave that way. Usually nobody has ever treated them like that before, so they greatly enjoy it. I think it's completely subconscious, people will fall into a role, especially when they're young.
This is why schools and academia is so utterly destructive, because they baby young adults and hinder them from maturing and becoming the best that they can be. A lot of work places do this as well. How can you as an employer demand that your employees should be responsible and hard-working, if you make up rules and such that clearly shows that you don't think so?
Treating people as if they're the best also means that you really quickly can identify out those who are not up to it.
I have to stop now because I'm ranting, but it's all connected.
Reminds me of a Frontline episode that was investigating dentists who did major dental work for poor people for payments from the government. The dental work was excessive and completely unnecessary. Dentists would set up entire clinics to do this and soak the government.
The laughable thing was the Frontline journalists were gobsmacked by people responding to big money incentives. They couldn't believe it!
There are also clinics set up to optimize extracting money from medicare.
It seems like they're attacking the wrong end of the problem by trying to detect fake students in the classrooms. If the issue is that people are signing up for financial aid and then disappearing with the cash they'd be better off making sure that the people who get financial aid actually are who they say they are before sending them money, or better yet stop giving cash as financial aid and instead give some type of credit that can only be spent on/at the school.
Once scammers can't get access to the money the problem of bots in the classroom will mostly go away.
Yeah, this confused me as well...
Are these bots successfully completing FAFSA forms to the government?
And the government is successfully generating ISIRs to send to the schools?
If yes, then this is a federal ID verification issue.
If not, why are the schools sending aid payments sand ISIR? Or does CA run its own state-level aid programs that skip the federal forms completely (and botching the ID verification on their own)?
Or are all of these effectively stolen IDs? Where the FAFSA and ISIR are for real people (but people who aren't actually students)?
The article is missing a LOT of details, what a waste of time.
Identity theft is relatively common, so I’m not sure if their aid system should be considerable especially vulnerable or not.
There's no such thing as identity theft, it's all bank fraud or in this case student aid fraud. "Identity theft" is a term coined by banks to try to make it sound like random people should have to deal with the fallout of the banks' bad identity verification practices.
If the student aid system verifies identity by, for example, just validating that the applicants know a single 9-digit number that after the Equifax breach should be considered public information, that is a critical problem with their identity verification system and it should be patched.
Classic Mitchell and Webb skit https://www.youtube.com/watch?v=CS9ptA3Ya9E
surgical in this sense means only blowing up the bus stop instead of leveling 6 blocks with a MOAB. Your feelings about safety are supposed to be negatively affected by a bomb. Whether that bomb is a precise or strategic bomb is immaterial.
In places like Gaza, "surgical strike" often means "only" blowing up the support pillar of an occupied multi-story apartment complex in the middle of the night.
https://www.youtube.com/watch?v=CS9ptA3Ya9E Relevant Mitchell & Webb.
Haha, I'd never heard this. I liked their TV show I should check out the radio stuff.
I’ve long wondered why victims of this fraud don’t more often sue the institutions that granted fraudulent accounts, for any and all damages and cost incurred.
Well, you’ve come to the right place.
When someone tricks a bank in a way that harms you, the legal question governing your recovery from the bank is, “Did the bank act negligently, and did that negligence cause you harm?”
Unlike normal life, where “negligent” means “I didn’t enjoy it,” under the law there are several required elements that constitute negligence. One required element of negligence is that for a party’s negligence create liability, the alleged negligent party must have owed the harmed party a duty at the time of the breach of that duty.
Duty can arise in several ways according to state common and statutory law. For example, a doctor owes the duty of the standard of care to his patient. A driver owes the duty to drive the speed limit to other motorists. The question of whether duty exists in any situation is a complex question of law.
One thing that isn’t complicated, though: in every jurisdiction I’ve researched, a bank owes no duty to a non-customer.
This is why victims of identity fraud don’t sue the bank that granted fraudulent accounts: there is no negligence and will this be no recovery. (With the caveat that I’ve seen people who were harmed by a bank where they randomly happened to have an account… in this circumstance, duty can be ascribed to the bank because a banker-customer relationship in which duty is rooted exists).
Corollary: open an account at every major bank to establish a duty-relationship everywhere.
Poor startup idea of the day: Accounts-at-every-bank-as-a-Service.
Read Ross Anderson book Security Eng., it deals a lot with these types of issues. In short, banks try not do anything about as long they do not have to pay for it.
I suspect the issue is similar here with the multi stakeholder problem here. The college needs as many paying students as possible, the workload of the staff should be as low as possible, the office giving out loans wants to have a low workload... All in all good scammers will serve all these needs and happily take the money in the process.
> "Identity theft" is a term coined by banks to try to make it sound like random people should have to deal with the fallout of the banks' bad identity verification practices.
The problem isn't the banks, the problem is that unlike Europe where in most countries it's commonplace for everyone to have a government-issued ID document, the US does not have that requirement and so companies of all sorts abuse documents not meant for that purpose like SSNs or driver licenses that can be trivially forged.
Banks can't invent security out of thin air when a significant part of the US population believes that mandating possession of one is a surefire way into a dictatorship or whatnot.
About 3% of the us adult population doesn’t have government issued photo id. So if the issue is forgery say so, it’s not a lack of id or a cultural norm against it.
How many billions would a major bank loose in a lawsuit, if they did the sensible thing and refused to deal with 3% of the population?
4.2% of US _households_ are unbanked. Banks refuse customers for many less extreme reasons than “can’t verify identity” which is in fact a requirement for them with all of their federal and state regulators.
Most do.
For example: https://www.reddit.com/r/Banking/comments/1csl00q/any_banks_...
>How many billions would a major bank loose in a lawsuit, if they did the sensible thing and refused to deal with 3% of the population?
Zero. Because FINCEN/KYC[0] laws in the US mandate identification for all customers.
Which means that at least 3% of the populations is "unbanked"[1]:
[0] https://www.investopedia.com/terms/k/knowyourclient.asp[1] https://en.wikipedia.org/wiki/Unbanked
Edit: Fixed subject/verb agreement (laws/mandate)/fixed quote formatting.
Further reference for the ID requirements:
https://www.bankhelp.gov/help-topics/bank-accounts/required-...
> About 3% of the us adult population doesn’t have government issued photo id.
Add on top of that undocumented people or the issues surrounding the Native American population and their partial autonomy rights, and it becomes a mess very very quickly because it won't stay at "about three percent".
What? US banks won't bank you if you don't have 27 distinct forms of government ID and a recent rectal exam.
And then they have someone with an incomprehensible accent in a call center that probably also runs scam calls calling you up and asking for your password as part of their ordinary SOP.
They deploy fancy new tech like "verifying your voice" with some AI crap while simultaneously not allowing your password to have more than 8 characters. (Which must have two symbols but if one of them is ` you'll experience random spontaneous logouts).
There may be many causes of the disaster that is bank security, people not having ID is absolutely not part of it.
We need a better phrase, like “impersonation fraud” or something, which focuses on the two parties actually involved. You can’t actually steal somebody’s identity of course, they are just an uninvolved third party.
Eh, I'd say it's a bit more complicated than that.
Quite often the impersonator had nothing to do with the collection of the identity itself. There are people that 'copy' things like insecure online information around identity, but there are also people that physically steal things like drivers licenses and birth certificates. This is the stage of a crime that I'd consider actual identity theft. After that you have black market information brokers. They didn't capture the identities in the first place. They don't directly use the information to impersonate others and yet they are still complicit in a crime. Then you have the final stage of impersonation fraud as you state.
I want to be pedantic, it is not the identity they’ve stolen in the first case, but the documentation of the identity. A person’s identity is just intrinsically part of the person.
>A person’s identity is just intrinsically part of the person.
Is it?
If I look at least somewhat like you, grab your ID, and stuff you in an incinerator then any ID system that does not take detailed biometrics will have no clue if I'm you or not.
Saying identity is intrinsic is tantamount to saying "I am that I am". I mean, that's cool and all, but that tells me nothing about who you actually are.
There is nothing intrinsic about your name for example. This can and does change for people.
Again, same with location where you live.
We spend our entire lives grown up and getting old, so how we look adapts.
Then you get down to bio markers like fingerprints or dna, but these are recent inventions when it comes to human identification and take a fair bit of technology to use successfully.
Interestingly enough the US seems to have between 1.5 and 6 times more of such cases than Europe (the numbers I found are a little bit fuzzy and use probably different methodology when collected, so this could well be an entirely statistical phenomenom).
I was curious, because I (living in central Europe) could not think of a single case of identity theft in my social circles or a prominent case I ever heard of.
The US does identity verification by asking for a driver's license (which has no chip or biometric data) and possibly a series of questions about your past drawn from public data. All of these credentials are laughably easy to spoof. Compare this to Europe, where every resident has an eID containing a keypair and X.509 certificate signed by the government containing their personal details. It is trivial to check the validity of these cards and nearly impossible to forge without subverting either the national PKI or printing apparatus
The security around the facilities which make the documents is also significant. Getting the printing apparatus is no small feat.
It's currently being deployed across the european union[1], I think the 2026 target they gave it's a tad too unrealistic, wouldn't be surprised if we get major coverage not until 2030.
[1]https://commission.europa.eu/strategy-and-policy/priorities-...
That target is for the new and improved version where you can use NFC to self-identify on the web. The old version (with a smart card inside, so only offline auth) was rolled out in Germany in 2010.
Can't remember if they ever released the 1st version either in Italy or France, a few days ago my septuagenarian mum got the NFC enabled one in Italy.
The iOS app is surprisingly decent. She could still request the old, paper-only id but this one could be also used to pay for local ordinances straight from her phone, and it's less cumbersome than the SPID-based[1] authentication.
[1]https://it-m-wikipedia-org.translate.goog/wiki/SPID?_x_tr_sl...
It's an EU thing. Yes, normies do use it, as it is a chip embedded in your personal ID card and your passport. You hand your ID to an officer, they read the chip data and verify the signature. You don't have to know anything about how it works. It also contains biometrical data (your fingerprints, etc).
Implementation of eIDAS is still in progress. It's not even mandatory for every citizen to haven an eID until end of 2026. And it's also not used yet everywhere for everything. But it's gradually growing.
The first time I had a chance to use was just some months ago, when I could activate a SIM-card online through and my smartphone reading out my ID-card via NFC. I pay daily via NFC, but it's the first time ever I had to use the chip in my ID-Card, despite it having one for 15 years now. Laws and regulations are good in theory, but reality can be often quite a bit different.
Fingerprints are collected only from criminals or people who visit US. Why did Europeans agree to being treated like criminals or tourists I don't understand.
Fingerprints are only stored on the chip. Collection/retainment for other purposes is against the law.
>Fingerprints are collected only from criminals or people who visit US. Why did Europeans agree to being treated like criminals or tourists I don't understand.
Only if you assume that anyone who works for a SEC regulated company[0], applies for a California driver's license[1], current and former US Military personnel[2] healthcare workers, teachers, real estate agents, child care providers and others[3] are either "criminals" or "tourists."
If so, into which bucket would you place CA driver's license applicants? Criminals? How about US Military personnel? Tourists?
Please do elucidate.
[0] https://www.law.cornell.edu/cfr/text/17/240.17f-2
[1] https://www.dmv.ca.gov/portal/vehicle-industry-services/occu...
[2] https://www.law.cornell.edu/uscode/text/8/1440f
[3] https://blog.certifixlivescan.com/state-by-state-guide-to-fi...
Don't know about the whole Europe (or EU) but I strongly suspect it is indeed (almost) everywhere. I'm Turkish and Turkey has it too. And yes, my mother uses it, and my grandparents used it when they were alive. You can't do anything government-related, open a bank account, or even visit a hospital without your government-issued ID card (which contains a chip). And a few decades ago, before the chips, there were other security measures tied to ID cards.
We don’t have a national ID system, just a single, poorly suited Social Security number that’s been overloaded to serve as our entire identity in the eyes of the state. These numbers are effectively public knowledge, thanks to private credit agencies created to fill the gap when banks failed at risk assessment. We could’ve replaced this broken setup decades ago, but there’s a vested political interest in ensuring federal programs fail, to justify further privatization and the dismantling of social services.
A proper national ID and strong privacy laws would be obvious policy wins, but that would require competent lawmakers.
In my lifetime, the most consequential federal legislation has been the DMCA (1998), the Patriot Act (2001), and Obamacare (2010), which effectively marked the end of meaningful legislative power and the handoff of governance to the executive branch.
What about ID.me that irs.gov uses for tax-related matters? When I tried to get it once, it is pretty hard to get authenticated -- required 2+ gov't IDs, plus pic of yourself holding them. That should be pretty safe. Not good enough? (Overall: I agree. There is no concept of a national ID in the US, except a passport which huge numbers of people do not have.)
It's a very similar situation in the UK, though the hostility towards National ID cards comes from the public not the government.
Apparently people associate it with the authoritarianism of 1984 even though mandatory ID existed in 1948 when the novel was written.
We have at least two different national ID systems in the US: passports, and Real ID.
One of those two is as of last week or so required to board a flight in the USA.
As I understand it, it’s mostly fundamentalist Christians blocking national IDs.
I'm not Christian and I don't want a federal ID. I don't even want a state ID but I will eventually be taken to prison if I continually get caught driving without one.
Coincidentally and/or anecdotally I've never had my identity stolen.
The last big push for a secure national identity system was during the 90s as part of the negotiation on the Illegal Immigration Reform and Immigrant Responsibility Act of 1996. It was opposed by fundamentalist Christians then, but it was more vociferously opposed by civil libertarian groups like the ACLU and the EFF, Cato, as well as immigrant rights groups like La Raza.
I'd argue that the fundies have more political clout than those other groups combined.
Half of the house Democrats, not exactly a group known for kowtowing to religious fundamentalists, voted against improving the design of social security cards. If 16 of the 91 that voted against the McCollum amendment had flipped from Nay to Yea, this would be a solved problem.
Or at least a different problem.
Based on what?
You’d be wrong. It’s coming from the same crowd that claims showing a driver’s license or some other form of ID in order to vote is racist.
> I was curious, because I (living in central Europe) could not think of a single case of identity theft in my social circles or a prominent case I ever heard of.
But there’re tons of scams involving stealing your personal id and security codes. It’s wide spread from Belgium to Estonia.
There's apparently no good way of doing this. Denmark have a system for identifying yourself online. It has a 2FA component, either an app on your phone, where you have to swipe or something (I don't use it) or a physical code generator. It should be basically impossible to break, except it's not, because people will get calls from "their bank" asking the to do the 2FA stuff. Basically any measure put in to prevent this is being circumvented by people believing that the bank, who barely wants to deal with customers, would actually call them up Thursday evening.
I think the current solution is to have users scan a QR code, if they are on a different device than the one with their authenticator app. I haven't hear of anyone with the hardware token being scammed though, but most of the people who have the hardware version, do so because we don't even trust an app on our phone.
But yes, there are PLENTY of cases of identity theft even in countries with electronic identification solutions.
One thing the US could do, but won't, is have an account registered with the federal and state governments. Any money coming from the government should ONLY go to that account and it changing it should require a thorough identity validation.
QR code is how mitid works. You scan and you swipe.
> identity theft
It is not identity theft. It is identity fraud.
Implying that you can lose your identity to someone is a way to shift blame from the banks or whatever entity being defrauded.
Often issues such as this are the result of people involved in the verification process, being bribed or taking cash for approvals. This is even more likely to happen if you outsource part of the process.
>Often issues such as this are the result of people involved in the verification process, being bribed or taking cash for approvals. This is even more likely to happen if you outsource part of the process.
Often, posters on HN engage in pedophilia, tax evasion and satanic rituals. This is even more likely if you allow just anyone to create an account.
That's ridiculous, right? Because I provide no evidence for my statement whatsoever. And yet, I manage to paint every HN user with that broad brush.
It's an example of 'reductio ad absurdum'. If you have any evidence that your hypothesis is any more valid than mine, please do provide it. Otherwise, you're just smearing people without any reason except to validate your world view.
> If you have any evidence that your hypothesis is any more valid than mine, please do provide it.
I don't know about evidence, but logically your example is bad. One is talking about specifically fraud issues, and their most likely cause. You're just generally talking about people.
Social engineering hacks are the primary hack. If you're not familiar with them, you aren't security conscious.
SIM card swaps have been reportedly repeatedly, as being a social engineering hack. Often the exchange has been done via gift cards or crypto. More than one such hack resulted in millions being stolen.
Your attack dog response is quite unwarranted. Why are you so upset at a generic comment, indicating that fraudulent identity verification can be done on both ends?
Do you imagine that university admissions employees are perfect, uncorruptible? Is this some weird, US political minefield?
>Social engineering hacks are the primary hack. If you're not familiar with them, you aren't security conscious.
You didn't say that financial aid administrators were being "socially engineered. Nor did you say that they had their SIMs swapped. Rather, you said[0]:
That might well be the case here. But unless you actually have even a shred of evidence (do you? if so, please provide it), you're painting thousands of people with the same broad brush.>Do you imagine that university admissions employees are perfect, uncorruptible? Is this some weird, US political minefield?
I do not. But I also don't make completely unsupported accusations/attacks against random strangers as you did. Not a "political minefield" at all. You were just talking out of your ass and I called you on it. Full stop.
[0] https://news.ycombinator.com/item?id=43924650
We are discussing, in this sub-thread, methods by which people masquerade as others, stealing funds, abusing resources, and so on. The post I replied to was musing, essentially, "How could this possibly happen!?"
My statement is entirely valid in this context.
Social engineering attacks are a well known method to hack, and masquerading as others is indeed a hack.
> If not, why are the schools sending aid payments sand ISIR? Or does CA run its own state-level aid programs that skip the federal forms completely (and botching the ID verification on their own)?
If I had to guess, this is probably to make the process easier for illegal immigrants, this being California and all.
I have a number of family members that work at different levels of government facing the public. Based on your rhetoric and their stories there's a high probability that you'd fall under the group I'd consider 'howlers'.
What is that?
The people that blame everyone else for problems without understanding any of the complexity of the system. Everything is some scary other persons fault. Then later they have to interface with the system after the laws they have promoted and they are aghast about how abusive the system has become.
I got to see this in person just a few days ago. I was renewing my license in Texas and had a stack of all the proper identification that I needed because I triple checked online on what I'd actually need. In front of me was an older gentleman that evidently had waited till the last day to renew his license. He didn't have any of the needed documentation, in this case his birth certificate. The clerk told him that unless he had that record he could not renew. He was all pissed and storming out and said "I bet it was the democrats that make us do that!".
It is this wild disconnect I see quite often where I see people that want others inconvenienced, you know people from other places or people that don't look the same, but proceed with shock when the rules apply to them also and start howling about it.
> He was all pissed and storming out and said "I bet it was the democrats that make us do that!".
If your story is actually true, that man is somehow oblivious to the fact that Democrats are the ones always bringing up the “it’s so hard to get a driver’s license! And racist to require one for anything!” arguments. I’m not sure how you’ve come to the conclusion that I want to inconvenience people out of spite. I’d like to inconvenience illegal immigrants from getting their education subsidized by citizens. California wants the opposite.
>If your story is actually true,
Go in an sit around any precinct courthouse or state document renewal facility in Texas in the lobby for a week and you'll see it multiple times a week. It's not some particularly rare occurrence.
The sovereign citizens are common too, and they really start howling commonly having to get escorted out.
It's been a few years since I was in college, but back in the '00s when it was relevant to me, there was nothing I could do to get cash. I submitted financial aid documents (to include federally-subsidized loans), and money went from the lender to the school. If there was an underpayment, I had to submit more docs and the lender sent more money. If there was an overpayment, the school refunded the lender and my statement was updated.
Other than completely unsecured private loans how the hell are 18 year olds getting cash for their student loans?
I got a cash deposit for living expenses. I had to pay rent, after all, while out of town at school. Hell, I needed food too. The payment to the school was handled exactly as you say.
Yeah I’m puzzled by this too - I suppose it helped that I wasn’t living in school housing, I was living at home for most of college, so my only college expenses were tuition, transportation, and supplies, all of which could be paid directly by my loan issuers but - yeah, I never saw a cent of cash, either through student loans or financial aid, it all just went directly to my school.
I agree, it sounds like the problem is in the way financial aid is granted.
Is this (as the headline suggests) more of a problem in California? Does California have particularly generous and vulnerable financial aid?
California does give financial aid to undocumented/illegal immigrants, so verification can be difficult and touchy subject:
https://www.csac.ca.gov/college-financial-aid-and-safety-for...
If they truly don't have any means to verify that the person receiving the grant is who they think it is, this sounds broken by design.
Say that in certain political circles and you’re liable to get berated
People in those circles generally believe that college education should just be free for all residents. Which is an internally consistent position, since if everyone is eligible, there's no need for verification. It's specifically the programs that restrict eligibility that don't make sense if you can't verify said eligibility (which starts with verifying identity).
Maybe I’m not in those circles but college should be $1000/semester imo. A lot closer to free than it currently is. But the way to get there isn’t financial aid, it’s…charging only $1000/semester.
Fraud is still fraud.
I only clicked through the first few steps of the process but it appears to require government issued ID.
You don't need to be in the country legally to get a California driver's license.
https://www.dmv.ca.gov/portal/driver-licenses-identification...
Similarly, there are mechanisms that allow victims of crimes to seek help from the police without fear of deportation.
Makes sense to me. I'm much more worried about road safety and crime than people coming to the US then paying payroll and sales taxes, but not being able to claim federal benefits.
Which is to say, they are "undocumented" on federal level but not on state level.
Which is well and good, but then the original question still applies: how do the bots manage to get past all these requirements?
Shouldn't the process of getting that financial aid make them registered?
> If the issue is that people are signing up for financial aid and then disappearing with the cash
I'm curious how that even happens, it's pretty hard to get actual cash back after the banks send the money to the school on your behalf.
This is exactly the issue that Johnny Harris talked about in his video about the poverty industrial complex: https://www.youtube.com/watch?v=w3nwdRIXGjc
When I did my degree many moons ago in three UK I got a student loan like many people. The loan company sends the money directly to the university not the student. Weirdly though when I did my masters they sent the money to me.
But why can't the scammers simply use AI to pass as actual people at scale?
Let's say in 10-15 years they'll have robots that can pass for humans as well. Then what? How are you going to tell who's a real human?
By the legally-mandated "R." in front of their name.
(Isaac Asimov, _The Caves of Steel_.)
[dead]
Why would any of the involved parties care at all? It's not their money being sent to scammers, so it's not a problem for them.
Students aren't able to get into classes when bots are taking all the spots. Teachers actually care about educating students so they don't want to have their time wasted by bots. There's only so much loan money to go around and the schools want to get that cash into their own pockets, but the schools don't get any when scammers are running off with it to funnel money to other countries or whatever else they're doing. Similarly, students who really need the help can't get it when it all goes to someone who isn't interested in paying for education.
Schools have another problem with "ghost students" in general which is that there's a lot of other stuff going on at schools that depend on real students being there. Vendors, club activities, sporting/social events, nearby bars and restaurants etc. There's an entire ecosystem on and around campus which is created or supported by real students. All that non-classroom stuff helps make the school more attractive to students and often directly generates income for the school as well, but little of it would exist or be worthwhile if the campus is a ghost town.
When I was at community college (~ 2000), if the section you wanted was full at registration, you'd register in another section (in case), but show up at the section you wanted and talk with the instructor. Depending on the course/instructor, you'd might need to show up for the first week and anybody who hadn't attended in the first week would be dropped and those who had attended but weren't registered could take those spaces. Sometimes the instructor would do that at the first meeting. You'd go to the section you were registered in as well, and let the instructor know there (sometimes it'd be the same instructor and then maybe you wouldn't need to attend both sections). Not ideal, but registration order was based on completed credits, and after one semester it got a lot easier to get into the sections you wanted; students (real or not) that haven't completed any classes get to pick sections last, so once you've shown you're willing and able to complete classes, you're good. (Protip: check if taking any class in the summer will help you get into the sections you want in the fall)
At that time, you could drop classes in the first two weeks for a full refund.
That works pretty well for a full-time student, but two points...
- If you're working/raising a kid/whatever, you don't necessarily have the time to drop into classes that might be full. There is likely a non-zero number of people who see their preferred section is full and don't move beyond that (people taking one-off classes, or slowly working through a professional certificate).
- That's a lot of extra mental bandwidth for all involved. Yeah, it works, but life would be better if it wasn't the norm.
If you don’t have time to go to the class, you don’t have time to go to the class.
Probably the next step for online-only courses is for the ghost student to start submitting AI generated homework....
[dead]
The lost money comes from the taxpayer. But that loan money was going to be used to pay the school; and presumably if the student doesn’t have that loan money, they ain’t gonna be paying (or attending, because they can no longer afford to do so). So schools should care. And the students should care — they don’t get to join the school. And the government should care — their funds just went into a void. And the taxpayers should care — their money just went into a void, and some number of their kids just got denied college access.
What involved party shouldn’t care?
I think they're making a cynical comment about incentives and government waste.
There's some truth to this if the people in charge of the process are not the ones paying.
I've seen gratuitous waste in government due to indifference. It can happen in the private sector too.
> But that loan money was going to be used to pay the school; and presumably if the student doesn’t have that loan money, they ain’t gonna be paying (or attending, because they can no longer afford to do so). So schools should care.
I don't think this is a correct model of the situation. As far as I know, it isn't the case that there's a fixed budget for student loan disbursals and all of it will go to some school or other unless it gets stolen. Rather, if more people ask for student loans, more money gets disbursed, and if fewer people ask for loans, less money gets disbursed. So the amount of money the school gets wouldn't be affected.
>The lost money comes from the taxpayer
not necessarily
Whose money do you think is being sent to scammers?
Also, decent human beings care about things that are unjust/immoral/unethical regardless if it affects them or not.
Like stealing money under threat of force from many individuals and handing it over to some random scammer?
That kind of immoral act? You might not be as decent a person as you might think.
> Whose money do you think is being sent to scammers?
I guess the tax payers money? Otherwise they would have nipped this in the bud.
> Also, decent human beings care about things that are unjust/immoral/unethical regardless if it affects them or not.
Decent people are sometimes quite far between, most people would never lift a finger even an inch if they don't have anything to gain personally.
Well, we’re focused on extracting as much money as possible from people who try to pay loans with awful terms. Meanwhile, the banks have no incentive to do meaningful vetting as the loans are guaranteed.
> most people would never lift a finger even an inch if they don't have anything to gain personally.
Personally, I haven't found that to be the case. If you've got sources that say otherwise I'd be interested in seeing them.
Some people take pride in their work.
Uh, federal financial aid is absolutely all of our money (acquired from taxes).
And loan fraud just drives up the cost of loans for everybody else.
And the overhead of fighting this eats into school resources, driving up the tuition that's forcing the loan in the first place.
And as a professor/instructor, that's money that could go to funding more tenured positions (vs adjunct spots or other "non-permanent" teachers).
So, sure, without putting much thought into it, an individual might not care. But after any thought at all, one should see that fraud drives up the cost for all of us.
> And the overhead of fighting this eats into school resources
Not if they continue to ignore it, because once again, it's not their money being sent to scammers.
> And loan fraud just drives up the cost of loans for everybody else.
Doesn't sound like a problem for the involved parties.
> So, sure, without putting much thought into it, an individual might not care. But after any thought at all, one should see that fraud drives up the cost for all of us.
You might care. I might care. But I guarantee that the involved parties do not care for even three seconds of their day about it. They have much more important things to think about, such as what color of the ballons for their kids next birthday party.
> But I guarantee that the involved parties do not care for even three seconds of their day about it.
yes -- based on real life interaction with real low-level accounting middle class bureaucrats in California, I agree that most of the people who are professionals in Federal student aid do not personally care about this bigger system. More importantly they care about their own paychecks, which most of them use to buy things for their own family events.
> Of the 40 students enrolled in her popular introduction to real estate course, Pugh said she’d normally drop three to five from her roster who don’t start the course or make contact with her at the start of the semester.
Key word: "popular."
A dean's most important question: "How are we gonna pay the bills?"
Well, if the number of ghost students in a department's popular class just doubled and eventually get dropped from the roll, that means the number of bona fide students completing that class also went down.
If you're the professor of that class, you want to make it crystal clear to the dean that this is an otherwise popular class getting hit by a scam, and not a class that's organically becoming less popular year over year.
Communicating this distinction to the dean is paramount-- the prof's pay and job stability depends on the scam being addressed for next quarter/semester. And those concerns bubble up from dept dean up the administration.
I mean, as I write this I start to wonder the opposite of you-- how could anyone in this chain of authority not prioritize addressing this issue?
Probably course completion rates and other metrics that make your service eligible for loans in the first place.
If course completion rate becomes the metric that brings in money, it will quickly soar to 100% or maybe above. See: Goodhart's Law.
I was thinking of students who dropped out. It's a different fraud if the institution is claiming re-enrollments that never happened.
Well, that's kind of the whole idea behind college, isn't it...
It becomes meaningless when the professors are pressured to pass failing students to make the numbers look good.
Like what happens with lower schools under the "no child left behind" doctrine?
>stop giving cash as financial aid and instead give some type of credit that can only be spent on/at the school.
Many students use their F.A. to pay for groceries or rent.
Turning it into company store credit is a really bad idea.
I don't know what CCSF's problem is, but this is the second major fraud case I know of that involves them specifically.
A few years ago (this was pre-pandemic, around 2018-19), you could buy those "unlimited-storage, never-expiring" Google Drive accounts online. I was curious about how they worked, and it turned out a few of my less knowledgeable friends had some. The ones I could get my hands on were all @ccsf.edu addresses, with randomly-generated but somewhat plausible-sounding names and surnames (something like "Zyx Ngehirda" or "Anqomi Horezis", names made up but it's roughly what they looked like).
From what I could figure out from these, I think you were able to sign up as a CCSF student with very little verification, and as long as you didn't take any courses, you didn't have to pay. You still got all your accounts set up though, including Google Drive, and you could sell those for a profit.
The accounts weren't actually as unlimited as the seller claimed, I asked a few months later and they were apparently shut down by that point. One person reported receiving an angry email (on that Google account) notifying them that the account will be removed if they don't sign up for a course.
This scam must have been heavily automated and very widespread, the accounts were sold on Allegro (Polish Amazon) for $1-$2. It's possible other institutions were involved too, the few accounts I knew of were bought at roughly the same time, so they could have come from the same "batch."
https://support.google.com/a/thread/121077097/my-account-doe...
Tragic
This is easy money for schools, students and faculty. Everyone except the taxpayers are making money. I taught at a CC and this went on for years-real students enrolling and not attending, false identities enrolled, no mandatory drops for students not attending or doing work. Why? Well, between Pell grants, scholarships and other grant sources, "students" are making 10-30K tax free, the school keeps all the payments if the "student" stays enrolled through census date as well as keeping all of their grant money, indirect and directs on TRIO grants, etc. Faculty sign these students out after the census date, thus having an EASY class(and breaking the law--that form requires a date of last attendance). I was not in CA and I watched dozens of students do this and the college was "blind" to the fraud...very convenient. The 'agonizing' problem is the scrutiny on a multi-million/billion dollar scam. We need students in these classes to call and report to ED when their class shows 20 enrolled but only 2 turn up each class. Offer them some student loan forgiveness and make then aware of what it costs them.
Like others mentioned, they describe the 'agonizing' problem, but don't explain how it works. The most charitable read is it's just plain old lazy journalism, the least charitable is they are hiding something and dancing around the issue.
What makes SF colleges susceptible to this? Are they implying it's incredibly easy for anyone to fill in a form online without any ID or verification and they get aid? Ok, why was that allowed? I am guessing it's to make it easier for people, to apply but also it looks good for enrollment -- "look at how many students we have". Being strict about verifying applications would mean also lower enrollment numbers. Some classes might not have enough students and would get cancelled. So someone there and possibly many someones looked the other way for many years.
Let's take a look:
https://www.ccsf.edu/apply-ccsf
> Starting February 2, 2024, CCCApply will be integrating identity verification through ID.me. ID.me will help protect student identities and prevent fraudulent students from taking seats in classes at CCSF. This is an optional feature for students.
> For students who cannot use ID.me, click on “Verify Later” to skip the ID.me verification process.
Ok, so still no need for any ID at all, it's all optional.
Yes, they want homeless or undocumented people from no valid identity documentation (from country of origin), minors? to have access. Ok, that's laudable, but shouldn't there be some kind of in person verification at least. I guess "verify later" is that part and it's skipped.
If you want to apply then you're funneled to either federal student aid, or California Dream act aid
https://www.ccsf.edu/paying-college/financial-aid-office/how...
One of those probably make it easier to apply to with a bot and without a valid ID. It would be nice of the article did that research instead of relying on random people do to it for them.
This article from 2014 explains it better: https://leb.fbi.gov/articles/featured-articles/pell-grant-fr...
That's a good summary, thanks! It covers Pell Grants well.
> A former college president and financial aid director in Atlanta used the names of former students and individuals who never attended the college to fraudulently obtain $5 million in grants.10 ... In another case, two former financial aid advisers and a tax preparation business operator in Chicago were charged with filing fake tax returns to obtain nearly $1.5 million in financial aid for 75 students over a 2-year period.
That's interesting. Maybe it's worth taking a closer look at the college administration? They have both the access, the knowledge, the opportunity and even the official motive - to bolster admission numbers.
It isn't limited to California. I've encountered it as a professor at a midwest community college.
Perhaps they are targeting community colleges in general, because of the proportion of online course there is higher and they usually have fewer IT and administrative workers to keep an eye on things. That's disheartening, community college, are gems and it help many people get up on their feet who can't afford to go to the larger universities.
It's was sad to see in https://leb.fbi.gov/articles/featured-articles/pell-grant-fr... that in one case the administrators of the college were the criminals doing it.
We are part of a system where each school is named College Name - City Name. And we were told that schools in towns earlier in the alphabet were getting hit before our school did.
I agree, I think it's dancing around the issue of identification, possibly undocumented persons, international students and cultural sensitivity. To push for greater identity verification could be interpreted by some as leaning in towards the mandatory ID political issue. Basically, schools don't want to be seen supporting mandatory ID because it makes them look aligned with the conservatives/Trump.
It’s not really about looks. If you collect this data, and enroll a student who is seeking asylum, the current administration will attempt to get this data from you to send your student to life in prison in El Salvador. Which is an impact a bit beyond looking aligned. (Of course, reasonable people can disagree about whether life in prison is an appropriate punishment for seeking asylum through legal channels)
> If you collect this data, and enroll a student who is seeking asylum
> a student who is seeking asylum, the current administration will attempt to get this data from you to send your student to life in prison in El Salvador.
That could make sense at one level, yeah. But doesn't US CIS already have contact information for all who applied for asylum in order to process the asylum application? And besides, this doesn't seem like an issue that just started this year.
Surely there is something that can be done in between "Giving them free taxpayer money without verifying that they exist" and "sending them to prison in el salvador for the crime of applying for asylum"
Sure. But "sending them to prison for the crime of applying for asylum" is the position in power at the moment, and they don't seem to be amenable to compromise. So you accept that as a fait accompli and design your own actions around that.
> But "sending them to prison for the crime of applying for asylum" is the position in power at the moment,
But if they applied for asylum doesn't the US govt already have their information in order to, well, process the asylum application. So, there is nothing for SF College to hide. Not saying that it all has to make sense, but that part doesn't seem to add up somehow.
Oh it makes sense when you translate “applying for asylum “ to the more accurate “illegal alien asking for government money”.
> the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed, the spokesperson said
The optimal amount of fraud is non-zero. If your financial aid process actually has 0% fraud then it is guaranteed that (1) you spent more resources vetting applicants than saving from fraud and (2) a large chunk of deserving applications were denied in the process just to be extra careful. So the 0.21% seems pretty reasonable to me.
I think that depends on the ratio between detected and undetected fraud. Some fraud will only be detected once they find no one to pay for loans, or when the person being collected has go thru an insurmountable bureaucracy to prove they never enrolled it.
Given the evolution of the technology, I’d say 0.21% is neither static and guaranteed to raise significantly in the to near future if the identification issues don’t get solved overnight.
If there are over a million people in community college in CA so 0.21% is a huge amount of money.
https://lao.ca.gov/Education/EdBudget/Details/620
The argument here is that it would also cost a huge amount of money (potentially more money overall) to vet every applicant better.
Hey, there are no shortage of people that would spend a billion dollars trying to save a million dollars.
"The optimal amount of fraud is non-zero." No, the optimal amount of fraud is ZERO. The cost of fraud detection and prevention is different, but in an ideal society, the taxpayers aren't paying for fraud (because the people don't scam the government).
If fraud detection is so expensive, maybe it's important to be more selective of who has access to the community and keep the scammers out.
OP is making a reference to patio11's article https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra....
"Ideal society" doesn't exist.
And how would you "be more selective" and "keep scammers out" without incurring more costs? At some point, it costs way more to prevent the last 0.1% or 0.001% of fraud than would be saved by preventing said fraud. And the cost might be paid by non-fraud being detected as false positive.
Acceptable and optimal are different words.
I worked in retail loss prevention, what is acceptable isn’t optimal.
> I worked in retail loss prevention
Your salary was the exact kind of thing that needs to be balanced against the cost of fraud; if it was larger than the amount of fraud you prevented, then the company would have been better off just accepting the fraud as a cost of doing business. The closer you get to zero fraud, the more expensive it becomes to reduce it further (and the more likely your countermeasures will negatively impact the business in other ways), so there definitely is an "optimal" balance to be struck between fraud and preventive measures.
You don't live in an optimal world so what use is it talking about? Are you also doing your business calculations using frictionless spherical cows in a vacuum?
Simply put every living system on the planet earth has some amount of parasites. To have no parasites at all would require massive amounts of energy by the host to ensure said parasites don't exist. If the host can spend a much smaller amount of energy and ensure that 99% of parasites don't exist that is optimal thereby negating your original premise.
This isn't limited just to California. I teach at a community college in the midwest and we have encountered this too in our online classes. Last semester I had 3-4 in one online class that were fake but a colleague had about 1/3 of her class.
They start the class doing work so that means we have to grade it. I first became suspicious when these fake students were posting message board posts that were all weirdly indented like they were from an email reply chain. I thought it was weird until I talked to my colleague who had the same thing. Then one of htem posted a message that was "Hello, I am a student from [insert town name here]...."
We turned the names in and the university used an id verification system and got them out of the class.
[flagged]
> In the 2024 calendar year, the [California Community College] chancellor’s office estimates that 31.4% of its college applications were fraudulent, a spokesperson for the office told SFGATE. The chancellor’s office also considers it fraudulent both to apply to a college with no intention of attending any institution and to enroll in a college with no intention of actually showing up.
If these are the criteria, it seems hard to distinguish high school seniors that are going go through the motions, but don't actually intend to go to college from people who are trying to pocket financial aid without doing the time in the classroom. (Is it financial aid fraud if you legitimately qualify for the aid, and show up to the classroom with no intent to pass or graduate? If the aid is non-recourse, it might be reasonable as a person to do so)
Specifically for California Community Colleges, the stakes are so low for enrollment, I can see a lot of people enrolling just in case, then deciding not to go and forgetting to notify the college. California Community Colleges are an amazing resource, though; I think more people should use them, and more states should build out their community colleges using California as an example. When I was in school in ~2000ish, Wisconsin community college charged the same amount per credit at UW and the Wisconsin Community College system; which seems like a great way to get people not to use community colleges.
And elsewhere it says "the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed" which sounds pretty low and maybe not worth worrying about. "Zero fraud" sounds nice but probably costs more to attain than it's worth.
If only that college taught a statistics class or had a math dept that could explain this.
The math is easy. Getting people to accept what it means is damn near impossible.
I see mentions of "bots" and "AI" all over the article but is there a single actual example that shows that the fake students are AI bots? As opposed to the much simpler explanation that real people are signing up, collecting aid and then ghosting?
California determines how much money each community college gets using the 'Student Centered Funding Formula' (SCFF), which has three parts:
- 70% based on # students (adjusted for whether they're part time or full time)
- 20% based on # students who receive Pell Grants or similar
- 10% based on student outcomes like graduation or transfers to four-year colleges
Fake students would inflate the first two. So, even if fake students deflate the final item (eventually), what incentive do community college leaders (who presumably care about the number of staff they're able to employ) have to expel fake students, or even to be honest about their prevalence?
> "Bots don’t act on their own, there is almost always a human behind it"
Almost always? There always is
Almost certainly.
Setup a bot. Then die.
Depends on how far up the chain you go. I can see some oddball situations created when vibe coding meets unsecured AWS access keys. Imagine a rogue prompt deploying a self perpetuating worm that creates scam apps and uses the funds to create more scams.
Gonna fall apart at the first hallucinated API call.
There've been so many scams in California, I suspect someone is designing scams into these programs. Whether it's unemployment, Calpers pensions or student loans, it seems California government is allergic to common sense.
> 0.21% of the system’s financial aid was fraudulently disbursed
This is weird wording, or perhaps just lazy.
It’s probably supposed to mean fraudulently claimed, because fraudulently disbursed means the agent perform the dispersal is acting fraudulently.
Though there’s also the possibility of that.
This long article kept saying the bots were stealing financial aid, and yet never once explained how that worked.
Doesn't financial aid go to the school, not the student?
It depends on the aid.
Federal grants such as Pell are dispursed to the university which then sends any excess to the student.
Loans, which comes in a variety of forms, are dispursed to the student and then the student pays the university.
This can vary depending on the grant, loan servicer, etc.
No, federal student loans are also disbursed straight to the school, with the school remitting any excess to the student.
This problem feels like the scalping problem with concert tickets. Make the person enrolled show up with valid ID at a registration event after classes start. Have a few options for when to attend and verify in person.
This would root out all fraud and feels relatively low barrier for a community college student who would presumably be in the community.
I don't think you even need to go that far -- the problem seems to be on the side of the verification of financial aid being too lenient, right? How is that vetting breaking down? The typical financial aid forms and process is a pain in the neck. Money people usually require all sorts of documentation before they actually send you money.
Increasing the amount of documentation disproportionately hurts real students (or real social welfare claimants, etc). The scammers can figure out getting the fake documentation once and then scale the process - that's literally their business.
To deter scammers without the real applicants paying for it, you need quality, not quantity: proof of identity that is harder to fake.
You could hire a company or staff a team that meets people where they are to do ID verification in person. This is essentially how buying a house works with title companies. You can go to the title company or they can come to you for a fee.
people who are most familiar with what exactly is needed to pass, are the administrators themselves. This is a corruption problem coupled with automation. source: california resident
Corruption? You think the administrators themselves are doing it?
no doubt the readers here are very clever, but also sometimes lazy in their questions.
Take a look at how real financial crime is done.. the ones that know what they are doing, not the amateurs. Obviously the first item in a plan is "what is the cost of being caught" and quickly, "how can I get this to happen without doing it myself and getting caught" .. so it is a cooperative agreement, to be corrupt. The most successful of the corrupt never do any illegal things at all, they simply look the other way. Next is finding someone desperate, or far away, to "do the crime" but the successful person is involved somehow, in the most distant way possible.
Do I really have to type this out? I am guessing anyway. Did I say "the admins are making fraud things at night?" no. They mostly do not, but that does not make them not involved. Read what I wrote, that is what I meant to say here.
I like to see if people are willing to be explicit with silly claims, instead of hovering at plausibly deniable vagueness. I agree that you were intending to say something plausibly deniably vague, as you did.
Probably. But I suspect for the average person community college is trying to help, more documentation is more onerous and actually harder to get right. Instead an in person verification would be less costly for them to engage in and more understandable.
Kind of defeats the purpose of online classes. Some of the students could be many hours from campus.
Either way, this shouldn't get as far as it does. You can't just sign up for a class and expect financial aid - there are forms to submit (usually prior to enrollment) to verify ID, income, parental income, veteran status, and a whole host of other factors that impact the FA award amounts and whether that FA is a grant (often federal) or a loan (sometimes gov-backed, sometimes not).
This is for community college though which I believe only allows access to the local community and provides aid to that sub group.
Also I disagree with the premise of online classes not requiring some portion of enrollment being in person. The two can be compatible and probably drops this to zero.
There are so many layers of fraud to make this scam work. Fake enrollment seems easy enough, but financial aid requires a valid identity with real tax info. If you've already stolen an identity to snag a tax refund, I guess might as well file a FAFSA. But, the lion's share of financial aid goes directly to the school while only any remainder after tuition and fees goes to the student. I feel like unless this is happening at scale committed by relatively few actors, the return isn't worth the effort... if there isn't some further institutional coordination helping things along
At a community college, the lion's share of aid goes to the student for books, living expenses, etc. If they get a maximum Pell(~6K), a scholarship for underserved(~3K) and student loans (upwards of 10k) for 4k tuition, they are pocketing quite a bit. The community college can then dip into the state and national funding (TRIO, job readiness, local employer support). One student eligible for financial aid at a community college is worth about 3x what one student paying their own way is worth. How difficult would it be to verify identity and enforce attendance? THey don't to inflate their numbers.
I thought college is expensive in the US. This is the first time I learned that a random, unverified person can EARN money from going to a college.
Relevant (in my opinion "deep") meme video concerning related topics:
Raiden Warned About AI Censorship - MGS2 Codec Call (2023 Version)
https://www.youtube.com/watch?v=-gGLvg0n-uY
San Diegians: do you know how many bike lanes this could build?? so many we don't have to discuss closing the mission bay bathrooms during the week!!
I don't understand what the actual fraud is. Yes, fake AI bots are posing as real students to get financial aid, but this is ultimately paid to the school, not pocketed by the "student". What am I missing?
The person pretending to be a student will actually turn in home work and attend virtually until the balance of the loan and/or grants are deposited into their bank account.
It's legit to have extra funds to pay for education related expenses.
That seems like a bad scam that carries a lot of risk vs. low reward. These are community colleges. It's not like tuition is 30k a semester. Then you have to have a bank account to deposit the funds, which can trace you back. The article states fraud was $10 million last year. That's not a lot.
I don't know. If I were a criminal I'd look for something that pays out more if I'm going to expose myself.
Remember many people doing this stuff are stupid.
I had a high school friend use student loans to buy a car and rent a shithole apartment at 19. He’s probably still paying for that Toyota Camry now.
The article says they don't show up at all:
"Pugh said she’d normally drop three to five from her roster who don’t start the course or make contact with her at the start of the semester. But during the current spring semester, Pugh said that number more than doubled when she had to cut 11 students"
Sounds like these programs distributing aid are doing a poor job of verifying who's actually getting this money.
Surely this can't be completely anomalous? Certainly it's happened before where someone enrolls, receives financial aid, and then for any number of reason stops attending school? What happens then?
Or was that always a loss and now it's just easy to automate that scenario maliciously?
> balance of the loan and/or grants are deposited into their bank account.
Here's where the system is defective. The loan's balance should go directly to the college's bank account, as a tuition payment.
Suddenly, there'd be no incentive to cheat the system, while actual students who need help paying for tuition would have their tuition paid.
The aid is for more than just tuition, they often give you enough to live on.
Financial aid is given for cost of living, books, equipment, etc. Not just to pay tuition.
Additionally, tuition aid isn’t given directly to school: It goes to the student, who pays the school.
EBT cards exist for reasons like that. Issue a card with which you can pay for food, books, specific kinds of equipment, very much like many corporations give employees cards that are locked to particular classes of merchants. Limit the amount that can be spent on tangible goods; say, 80% should go to tuition. None can be transferred to cash accounts.
Maybe this would still allow some fraud, but much, much less profitable.
EBT was about reducing stigma and resale of food stamps and WIC. Even that was pretty limited — the amount of money skimmed for ATM fees from cash benefits exceeds fraud losses historically.
Same here. Creating some expensive and complex system that fights “fraud” that consists of people taking on lifetime debt is dumb. Make the services share the pain for bad underwriting and the problem goes away instantly.
Exactly, fraud is the cost of carelessness. I.e. you're paying the fraudsters to leave you alone.
Pell, direct, plus all go directly to the school.
I attended Community College exclusively on Pell Grants. My tuition was paid directly to the school. But we received a "textbook advance" of funds directly to our personal accounts, and whatever funds we didn't use for tuition could be used for any educational expense. Furthermore, I worked through the Honors program for additional scholarship money, and so there was more to be gained beyond covering basic tuition and textbooks. (Many classes used no textbooks at all, or free resources, so this was a pretty good deal.)
I had enough surplus to pay for a good APC UPS system as well as a 2018 Lenovo Thinkpad notebook. These were invaluable for my education, but they served me for years afterwards, personally as well as for employment.
And a fairly common refrain I've heard was "I can't afford another semester of college because all my financial aid only applies to tuition."
It was always a huge relief to a student if they managed to get a scholarship in cash.
Excess financial aid is pocketed by the student.
Which are loans. All this fraud to get a relatively small amount of money per fake student in the form of loans?
Pell grants
[dead]
Looks to me like a consequence of cost saving measures and the lack of an ID system.
Just like identity theft etc.
I'm a current student at CSM and will be attending SFSU next semester after initially dropping out and working in tech for a decade. So I have some exposure to this and regularly discuss the topic with faculty and participate in remote courses where this phenomena is most likely to occur. While CSM is not City College, I think its a fair comparison.
I really think this problem is being overblown and I am concerned politicians, voters, faculty, and students, will be negatively impacted by this kind of click bait journalism.
This article sucks.
> These “ghost students” are artificially intelligent agents or bots that pose as real students in order to steal millions of dollars of financial aid that could otherwise go to actual humans.
This claim is completely unsubstantiated. It links to a generic and unrelated SF Gate article. As technologists this claim is plausible given the current state of AI technology, but can we please provide evidence - is it the interviewed teacher making this claim or the SF Gate writer? Are there other sources substantiating this claim?
> A spokesperson for the California Community Colleges Chancellor’s Office directed SFGATE to a Public Records Request Act request to obtain the exact numbers. However, the office estimates that 0.21% of the system’s financial aid was fraudulently disbursed, the spokesperson said.
0.21% estimate of Community College disbursements. Not UC disbursements or CSU disbursements. Notice no monetary amount is mentioned.
---
There are real issues with "flighty" students who don't engage with the material, prolific AI use for many if not most assignments, and some really broken incentives.
There is also amazing free education for almost all income groups. Hard working students who have study groups and engage with faculty and eschew the use of AI because it detracts significantly from their education.
Happy to answer any questions about my experience over the past year completing an Associate Degree for Transfer - it is an excellent opportunity for California residents and I encourage folks of all backgrounds and age groups to explore the services they offer.
EDIT:
Calmatters [1] reported ($10 million) in fraud from community colleges in 2024, that's my bad in my haste to post a response I missed this point.
[1]: https://calmatters.org/education/higher-education/2025/04/fi...
IIRC to collect Pell you have to be enrolled past the withdrawal deadline. The CCs are keeping the disbursement fraud rate low by filtering initial admissions (they are estimating >30% fraudulent applications) and then kicking out bots before disbursement. The point of these articles is that this is costly: CCC admin has to spend >$100M on IT on the admissions end, the faculty have to police their online courses in a way that is really uncomfortable (false positives mean you kick out a real student), and even unsuccessful bots take up seats that then go unused once you pass the add deadline. The CCs need reform of the disbursement process or these costs will keep getting higher.
Sounds like something a ghost student would say.
it is predictable to attack the student point of view, agree there. What is also predictable is that casual, drive-by "concerned voters" who are typically decades past their own lean years in school, and care more about paying their own taxes than concern for young adults. The fraud here is connected to the administrators of the financial aid! They "slow walk" investigations (guess) since they are paid by the number of students who are active, and those numbers plummeted during Covid-19 and b) they are financially connected to the flow of money they look after. Community colleges are wildly varying in rigor and skill of administering. The whole political cover here is that casual observers (who might vote) quickly place blame on students or "distant others" .. How many mid-level accountants are owning vacation homes with extra money while students actually starve in high cost of living California? etc
[dead]
[dead]
[flagged]
Please don't do this here.
Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.
https://news.ycombinator.com/newsguidelines.html
We detached this subthread from https://news.ycombinator.com/item?id=43919039 and marked it offtopic.
Yeah, you're right. I made a better reply down-thread that I had typed out yesterday.
I didn't ask seeking victory, I just want to know the truth. It's a valid question on the nature of people. Instead of feeling defeated, I'd have genuinely appreciated it if you'd responded with research that supported your position.
You're at least the second person today who I've asked for a source. I was surprised by what I learned the last time and I'm glad to have learned what I did.
You don't have to feel defeated for not having sources to back up your world view either. Maybe you've lived your life surrounded by terrible people who genuinely wouldn't help someone else more often than not. Maybe it's made you bitter and sarcastic. Maybe it's worth considering where that bias comes from and how well it actually applies to the world beyond your own experience. I asked because I think it usually is. After all, maybe I've just been really lucky and it turns out that people really are most often just selfish and unhelpful. I wouldn't consider being wrong about that a loss or failure on my part, but I would take learning something new to be a win.
Also, since you brought it up, I'm pretty sure I have fact checked a song at some point. Not that song, but I'd guess that I'm not the only one here who has at least once. Folks around here tend to be curious about stuff. Most of the time, requests for sources or more information shouldn't be interpreted as an attack.
It's only with life experience that you get a "source" for general ideas about life and people. The idea of a "source" for a world view of philosophical perspective is contradictory.
Those who will take action based on a moral conviction, which doesn't have any discernible benefit for themselves or for the people they care about, are few between. And fewer yet in the world of academia and distribution of public funds. I wouldn't make my original comment if the topic was about a different sector.
Make your own observations about people and you will come to your own conclusions. What I've seen is that people might be idealistic when they are young, but when they're old enough to actually make a real difference, then very few will keep any convictions instead of putting them on the shelf and focusing on personal benefit. I refer to actions which truly make a difference in day-to-day life. Not voting, putting your name on a list, protesting or such.
> Maybe you've lived your life surrounded by terrible people who genuinely wouldn't help someone else more often than not.
This doesn't really apply to the people we surround ourselves with, as we all choose to surround ourselves with those people who treat us well. And there's benefit in helping your friends and family. Now consider somebody the handling the benefits payments of people completely unknown to her, who are just names in a database.
Since you sincerely want to have a productive conversation, I would like to give two different reflections on humanity, they a little bit of two sides of the same coin.
One is that you should never judge yourself by how others judge you. But most people make this mistake. It's natural, since children grow up in some kind of stable "community". The problem with this is that most people do not have enough experience together with you to make any sort of judgement, it's usually mostly from gossip and prejudice. It leads to a lot of unnecessary frustration among the youth to have to struggle with this, and unlearning this usually only comes with experience of being an adult. Because once you get older you have already met and dealt with so many people in life that you know that how they treat you says nothing about you and everything about them as individuals.
The other reflection is a flip on the golden rule. "Treat others as you wish to be treated", but this doesn't cut it anymore in modern times because very many people see themselves merely as numbers for the government, so they want to be treated like shit by their superiors and want to treat those below them as shit.
I say instead "Treat others as if they are the best". Especially when employing young people I've used this rule. Meaning, I will treat them as if they are honest, hard-working, reliable and intelligent. Because they will then automatically behave that way. Usually nobody has ever treated them like that before, so they greatly enjoy it. I think it's completely subconscious, people will fall into a role, especially when they're young.
This is why schools and academia is so utterly destructive, because they baby young adults and hinder them from maturing and becoming the best that they can be. A lot of work places do this as well. How can you as an employer demand that your employees should be responsible and hard-working, if you make up rules and such that clearly shows that you don't think so?
Treating people as if they're the best also means that you really quickly can identify out those who are not up to it.
I have to stop now because I'm ranting, but it's all connected.
[dead]
Now I'm even less inclined to take your anecdata seriously.
[dead]
Why is their any surprise? This is exactly the behavior being rewarded
Reminds me of a Frontline episode that was investigating dentists who did major dental work for poor people for payments from the government. The dental work was excessive and completely unnecessary. Dentists would set up entire clinics to do this and soak the government.
The laughable thing was the Frontline journalists were gobsmacked by people responding to big money incentives. They couldn't believe it!
There are also clinics set up to optimize extracting money from medicare.
Faculty and administrators were already stealing millions of dollars in financial aid by making tuition so exorbitant.