Tuition Payment Scams via Email
Criminals send spoofed emails posing as universities or payment portals, diverting student tuition payments to fraudulent bank accounts.
Part of: Tuition Payment Scams
Last reviewed: 1 June 2026
University finance departments and students exchange large sums around enrollment deadlines, making email the ideal vector for payment-diversion fraud. Attackers compromise or spoof institutional email addresses to intercept payment communications and redirect funds.
Students and parents, already under stress at enrollment time, may not scrutinize sender addresses carefully. A convincing email announcing 'updated banking details' can result in a semester's tuition — sometimes tens of thousands of dollars — transferred directly to criminals.
How this scam works on Email
Attackers register lookalike domains (e.g., 'university-payments.com' instead of 'university.edu') and send emails that perfectly mimic the institution's branding. The email claims that banking details have changed due to a system upgrade and requests the student to update their records before the payment deadline.
In more sophisticated attacks, criminals first compromise the email account of a finance officer via phishing, then send payment-change notices from the legitimate address. Students see a genuine institutional email address and have little reason to doubt it.
Some scams target international students transferring money across borders, where the payment journey is already complex and unfamiliar, making a 'new IBAN/routing number' seem more plausible.
Common red flags
- Email requests updated banking details close to a payment deadline
- Sender domain does not exactly match the official university domain
- Email asks you to keep the new details confidential
- No official announcement on the university's website portal
- Urgency phrases such as 'act before midnight' or 'deadline extended only for you'
- Reply-to address differs from the display address
How to protect yourself
- Always verify changed payment instructions by calling the university finance office directly using a number from their official website
- Never use contact details embedded in the suspicious email
- Log in to your student portal directly to check official payment instructions
- Enable multi-factor authentication on your university email account
- Confirm large transfers with a second person (parent, guardian) before executing
- Ask your bank to apply a short delay on large international transfers to allow time for verification
How to report it
- Notify the university's IT security or finance team immediately so they can warn other students
- Report the spoofed domain to the registrar using ICANN's WHOIS Abuse Contact
- File a report with your national cybercrime unit or consumer protection agency
Frequently asked questions
Will my bank refund a misdirected tuition payment?
Recovery depends on how quickly you report it and your bank's fraud policy. Authorised push-payment fraud is often harder to recover than card fraud; contact your bank within hours and also contact the receiving bank to freeze the funds.