The “ghostly” epidemic attacking California's community college system, along with universities in Arizona, Indiana, Oregon, New Jersey and Michigan, is working to protect institutions from forced AI fraud that attempts to return to school and merge with legitimate students.
Synthetic or “ghost” students refer to the masses of forged or stolen identities that scammers use to infiltrate university applications and registration portals in thousands of minutes. This usually results in bare bones for admission staff on holidays, weekends, or other times. If they are successful, the fraud ring attempts to enroll fake students in the class and apply for financial aid. Ghost Wheeler relies on using AI to submit homework. This is to prevent you from being dropped from your class. Sometimes the only thing they run away from is their university email address. But even that was worth it and security experts said they gave the scammers a veneer of legitimacy as a college student. A simple email address that ends in .EDU allows discounts on laptops, software and music streaming services, and critically, scammers can use their student identities to fraudulently apply for jobs in the company.
The Ministry of Education launched a national program in June to eradicate identity theft at universities, requiring new identity verification procedures to commence the fall 2025 school year. The DOE found $90 million paid to ineligible students, including $30 million spent on the stolen identity of a deceased individual.
The LightLeap.AI platform, which is being deployed among universities across the country to compete with students from Tech Firm N2N Services founder Kiran Kodithala and Ghost, said the percentage of fraudulent students in California's community college system is around 26% with 75 universities and 1.2 million applications. Outside of California, the LightLeap system has discovered that about one in five applications is a ghost student. This fraud rate applies to 24 non-Calif. Universities of California, where around 340,000 applications will be processed this summer.
In rural Oregon, Lane Community College officials are preparing for the fall 2025 onslaught from ghost students. luck. The university had just begun a new streamlined application process designed to simplify student enrollment, and was first attacked in the fall of 2022. That weekend, the lane saw about 1,000 applications flying through the system. This was very unusual for a university with around 5,000 students.
Whiting and her team saw regular fraud markers, such as similar area codes, email addresses, and phone numbers, in hundreds of applications. Whiting had overridden all email addresses for around 1,000 students and required additional identity verification measures. But the con man pivoted. By summer 2023, the ghosts had taken a new approach to infiltrating the system, filling up the seats on the course without prerequisites. The university moved to implement a $25 application despite opposing its institutional belief that it is a community resource without barriers.
But the con man has once again become zigzag. In the summer of 2024, around 300 applications flowed simultaneously, Whiting said, and the school dropped everything from the class. Now, Lane is weighing the idea of whether to implement third-party AI companies to enhance their defenses. The staff are wandering around for fraud, but it doesn't consist of cybersecurity experts, Whiting said. Admissions and faculty focus primarily on educating students and incorporating them into the right classes for their career paths.
“We have open access,” said Colman Joyce, Lane's vice president of student services. “Take more steps to enrolling students adds more barriers and we are community colleges. Many students are not tech-savvy when they come here.”
In California, community colleges must accept eligible students and do not have an application fee to apply. Koditara said there is debate as to whether universities in other states will see the same surge in attacks as California. Especially if there are additional hurdles to clear application, registration, and registration in classes such as application forms and fees. So far, it has run the range with or without charge, he said. For schools outside of California, fees are around 8% to 15% fraud claims, Kodithala said.
Craig Manson, Minnesota's Chief Information Security Officer, who oversees 26 community and technical colleges and seven universities, said the state uses AI and has partnered with other schools and security consortiums to find new tactics where ghost students are trying to penetrate the school system.
“Just as we use AI to protect ourselves, attackers continue to use it in new and interesting ways,” Manson said. “It's kind of like a weapons race. Every six months, an attacker tends to stop one way of doing things and move on to another tactic.”
Others in similar roles to Manson have declined to comment on certain fraud markers seen this fall, but the tactics of fake students who have not been successful a few years ago have been linked to similarly-looking randomized email addresses, as well as the same address and phone number. The attacker then changed the gear.
In schools, the problems become complicated. Community Colleges aim to be an open access educational institution that is affordable for those looking to earn a peer degree, work towards a career change, or pursue their passion. As California has been working on a pack of ghost students, authorities have debated enacting nominal fees to add friction to the application system.
The Minnesota system includes three universities that charge minimal application fees, four universities that don't, and seven free universities and 19 universities. However, Kodithala pointed out that adding the application fee will invite credit and gift card fraud. Manson said he saw the same problem in Minnesota. It also provides false sense of security when schools believe that scammers won't pay thousands of dollars easily, Koditara said.
“It's easier for them to steal because they know that all they have to do is pay,” Koditara said.
Travis Bloom, vice president of student affairs and admissions at Bay de Knock Community College, Michigan, said the school doesn't see horde of ghost students like other schools in Michigan have, but he's ready if he does. And he said the school has only around 2,000 students in two locations, so staff are running a manual application review process. The suspicious-raising application will obtain an additional look and future students will be asked to verify their identity through a notary or in-person visit.
As a leader in community education institutions, Blume struggles with the same problem of adding friction to systems that make it as accessible as possible. “Community Colleges are about welcoming people and getting an education,” he said.
Yet despite the vulnerability of community institutions to AI-enabled fraud schemes, experts are working to protect the financial aid available to students.
“Fraud in higher education should be seen in all severity and should be part of the overall risk calculation,” says Manson of Minnesota. “It's important to have strong connections with both local and federal law enforcement and information sharing groups, gain the right threat intelligence and be flexible in your answers. As attackers change, we need to change with them.”
