Chinese students in UK ripe target for scammers exploiting visa concerns

Scammers are exploiting Chinese students' Brexit fears by targeting them with phishing emails claiming their visas could be revoked, threat intel researchers say.

The swindle, a latter-day variation on an age-old theme, consists of presenting a threat to students' immigration status "and uses various techniques to extract sizeable payments from the victims", according to Malwarebytes.

Pointing to open UK student admissions data as a "broad surface of attack", Malwarebytes reckons that this openness leads to scammers knowing exactly which institutions to target. This, it said, lets criminals easily exploit current Brexit-related visa fears to target naive students, most of whom will be living abroad for the first time ever.

"There is a persistent incorrect stereotype that Chinese students in the UK all come from wealthy families," said the firm in a blog about its findings.

While scams targeting overseas students go back years, its latest incarnation revolves around using stolen credentials to target vulnerable marks. In one example, a student whose laptop was stolen at Heathrow Airport began receiving phone calls from people claiming to be Chinese Embassy workers. They said the student had been implicated in a money-laundering scam.

To convince students that the scammers were actually police investigators, they were sent links to a website appearing to belong to the Chinese authorities. Displayed on that website was personal data that had been lifted from the student's stolen laptop – scans of ID cards, mugshots, banking details, and so on.

"By the time they'd forced the student to upload a recorded statement to the social media site QQ and threatened them with deportation and imprisonment via web streams of men dressed up as police, they were likely too panicked to realise where they'd obtained all this information from in the first place," said Malwarebytes' Christopher Boyd.

Once targeted in this way, marks were "encouraged" to send large sums of money to the "prosecutors" and buy them off.

Aside from the general security advice – encrypt your devices, enable multi-factor authentication and use password managers – the most important point is that UK authorities do not phone people up or contact them online to tell them they're under investigation.

Nor do they demand money over VoIP calls. If you or someone you know starts getting messages from people claiming to be investigators, tell your university staff or even contact the police yourself through non-emergency means to verify the messages. ®