Like anyone else on the internet I am constantly bombarded with spam. A large number of them are dire warnings that my fill-in-the-blank account is in some sort of dire peril if I do not immediately update my information by immediately responding to this E-mail. When I hover over the sender’s address I find that these mailings are from individuals whose addresses end in “.edu,” meaning that the server that sent the message was associated with some educational institution. I have received messages that my Yahoo, Google, Chase Bank, American Express, Wells Fargo, WordPress, Facebook, etc. accounts must be immediately fixed by some service that only those sending the E-mail can supply. Sometimes these are even accompanied by photos of buildings, the companies’ logo or other readily identified objects.
This type of fraud is within the FBI’s mandate, but the FBI does not have the manpower or interests to investigate these 100s of thousands of fraudulent e-mailings. It would seem like the companies who names are being used would also have an interest in stopping this practice and in prosecuting those who are making illegal use of their names, but they do not bother with making cases against this type of fraud either, even though it is having a adverse impact on their customers.
How is this type of fraud done at Universities and Colleges?
There are three obvious ways:
1. Students wanting to help defray some of the increasingly high costs of getting a college education may be conducting these types of fraud to provide income. They can convince themselves that this is an “innocent crime” in that anyone’s loses will be covered by insurance or by the credit card companies who have ample resources to cover the loss. The more bold among them will plant viruses in their target’s E-mail accounts to possibly gain access to bank accounts, demand payment to unfreeze a computer or crash the entire computer just for fun.
2. Since student’s names are directly associated with these addresses usually in the form of “first name.last name or initial.letter designation of institution.edu” such as in email@example.com, or firstname.lastname@example.org, it is very easy to go to an old university yearbook from five-years ago and look at the names of the graduating class and reconstruct the likely e-mail addresses that the students were assigned since they often had a set format. Running these names against a algorithm of commonly used computer passwords will discover some e-mail accounts that are still active, even though the students have not been at the institutions for years. Then it is a very simple manner to forward any e-mails received to any address in the world. Now that Jason has left the university he has different e-mail addresses at home and at work and will not think it strange should he find that he can no longer access the e-mail account that he used at school.
3. The University’s computer system can be hacked into directly, and any number of fictional names might be entered and those e-mails forwarded anywhere else. On the surface, nothing would appear to be wrong with the system except that there are students in the server that never attended the institution.
How can fraud operations like this be corrected or reduced?
While I am speaking particularly about Universities and Colleges in this post, exactly the same techniques could be used for computer servers associated with Grammar and High Schools or any other institution.
1. Students should receive a unique e-mail address that is not so readily discovered.
2. Once a student leaves an institution that address should be completely inactivated.
3. Institutional computers should be periodically scanned to insure that those addresses listed are for those who are students, faculty or off-site researchers who need access to the server.
4. A central database for the addresses of these fraud-extracting accounts should be established so that the Provost of the institutions can be notified of how prevalent these activities are on their university servers so that corrective action can be taken. This is not an innocent activity. These educational institutions were founded to promote the public good, and they should not be partners, even unwilling ones, to illegal activities.
5. Yahoo, G-mail and other mail providers who have already identified spam have the addresses of suspected spammers accounts and should be mandated to contact colleges, universities and schools and inform them of these illegal activities. They have the money and resources to perform this public service, and it would seem that it would be in their self-interest to do so.
Can this be a business?
Since this blog is about business, and I state that, “There is nothing in human experience that cannot be turned into profit by an inventive mind,” is there a business opportunity here? The answer is, YES.
Step 1. Start a blog titled “College Computer-Assisted Fraud.”
Step 2. Invite anyone who has received an e-mail with a .edu ending to send you a letter containing the address and the subject material like “Yahoo shut down, Verify your Chase account” or the like, and collect a few thousand responses.
Step 3. Identify the institutions from the addresses.
Step 4. Contact the Provosts of the institutions and offer to sell them the listings that you have received that came from the school’s server and provide updates as new addresses are reported.
Step 5. Form partnership with e-mail services.
Step 5. Write and sell a newsletter of such fraud to subscribers.
Anyone with access to a computer can provide this service from a home office anywhere in the world. The only other thing required to make it work is time and publicity. I will be happy to work with any interested party on this as part of my Profit series of companies.
My book, Create Your Own Job Security: Plan to Start Your Own Business at Midlife, is in the final stages of completion and should be ready in August. I am offering signed copies with free shipping for advanced orders. You may place your order using the PayPal button below.
I am accepting advance orders for my new business book, Create Your Own Job Security: Plan to Start Your Own Business at Midlife, which may be made by using the PayPal button below. I also have a Bonus Offer that includes a Free e-mailing of the Table of Contents, Preface and a Book Chapter, Love Your Work and Live Longer. There is also a Super Bonus for the first 25 to respond which is a Free 15-minute telephone consultation. To receive either reply below and describe what you would like to receive or discuss. I will arrange a time and date for the consultation.
Create Your Own Job Security
Generally available for special promotion price of $10.99.