It’s interesting to see this thread crop up here, as I’ve only recently left CCC system for a job in tech after being in IT within the system for about 14 years.<p>This particular issue over the last year or so has gotten worse, with more eyeballs on it, once actual money became involved (before it was still an issue but on a smaller scale mostly for the free edu emails we tend to issue, along with other freebies that can help enable, such as free credits for Azure or other services).<p>Even in the previous cases, I was annoyed/upset because in my mind the first line of defense the colleges have is preventing these fake users from being able to submit an application successfully in the first place, since the OpenCCCApply application (which I believe is used by all ~115 CCCs) was allowing the submissions in the first place…and since we mostly bring that application data into the individual colleges, not many triggered a “hold” on our end.<p>Yes, CCCTechCenter (which helps manage the team which maintains the OpenCCCApply system) have done a few things over this past year that are mentioned in the article already (but based on the article I can’t tell 100% if it is really indicating the issue is still rampant in the more recent semesters…one of the changes was adding usage of an IP reputation checker in for example, but there are likely ways around that too for these folks who actually don’t seem to actually use bots…maybe they use actual people instead based on what I’ve seen, such as the YouTube video shared in the article).<p>What I found really annoying by it all is that while the problem originated from the systems being provided to the colleges from the state level (OpenCCCApply mainly), the individual colleges are now on the hook to gather a bunch of mostly useless data, and go on silly adventures such as investigating IP address info within our other systems (like Canvas) to help find or report the fraudulent activity.<p>I think I saw FAFSA mentioned a few times but I don’t think there is a ton of fraud coming from the FAFSA application too directly…but in this past year many of the colleges have been putting COVID relief funds they’ve received (to help get students/staff back on campus) and using those to pay for fees or provide an extra amount for books, etc. which isn’t something that will continue forever (in fact, I think for this summer this will already have ended, or it will be the last semester where it will be offered).<p>In most cases, once the incentive is taken away, or the bar to get it is made higher, these folks creating the fraudulent accounts will generally move on (or target schools that don’t implement some of the 2nd layer fixes at the college level…unfortunately while the CCCTechCenter tries its best, it doesn’t typically fully acknowledge its role in creating some of these situations, and I almost lol’ed when I saw towards the end of the article I saw they are looking to get more funding to “modernize” it, yet again, considering a lot of effort / time / money already has gone into creating the current OpenCCCApply system not that long ago from the previous system, which was pretty bad in comparison).<p>Overall though this particular situation is at the same both more complex and simpler than folks may think, once you have some more details (more complex because there is a lot about what’s going on in the CCCs the HN community isn’t aware of, along with super strict regulations that have to be followed within the individual Financial Aid departments at each school, otherwise they win not be able to provide federal aid monies to students if they weren’t doing so, making that avenue for fraud a lot more less likely than the scenario I shared above on how the COVID relief monies have been being used instead to provide an incentive to get students back in the classroom…along with the solution being simpler since we already have a central application process that should be the system that keeps these applications from ever reaching the individual colleges, but it fails in that regard…that along with removing the financial incentive currently present, should reduce the fraud levels considerably…although there are likely a few more complexities even I am unaware of…I would just appreciate it if the search for fraud wouldn’t get pushed onto the individual colleges in these situations where a system wide protection should have prevented the situations in the first place, mainly because it causes a ton on unneeded busy work at the colleges keeping IT System Analysts and other technical folks from focusing on other, probably more important, internal projects).<p>Excuse any typos…I wrote this small novel on my phone.