Most of us will incur some type of student loan debt by the time we graduate from law school. Depending on the professional path we choose, it may take more than a decade to be debt free. Today, student debt in the United States amounts to more than $1.5 trillion, which has made this lending industry a desirable target for cyber threats.
With more than 44 million Americans having at least one student loan, scammers do not have much trouble identifying borrowers.
A study conducted by the American Bar Association Task Force on Financing Legal Education in 2015 reported approximately 90 percent of graduates borrowed money. Since law school is among the professional programs where students need to borrow the most money – and lawyers are reportedly taking longer than other borrowers to pay back loans – law graduates are more susceptible to being targeted by cyber threats and scams.
Keeping our personal information safe may seem like a daunting task in times when data breaches are becoming more and more common. While we do not always have absolute control over how some of these companies or individuals gain access to our personal information, there are steps we can take to secure our data.
‘Ghost’ the scammers
Use multi-factor authentication and incognito browsers whenever available, read user agreements before downloading new apps or opening new accounts, and avoid the use of public or unknown Wi-Fi networks. Furthermore, certain browsers and extensions are able to prevent websites from using cookies to collect location, word searches, or other identifiable information. Blocking this information limits the advertising you’ll get from scammers or predatory companies.
When it comes to these companies, Sam Adler-Bell, who is a Senior Policy Associate at the Century Foundation, argued in a 2015 article that Google may be helping them find you. When I spoke to Adler-Bell, he pointed out the search engine we use, the terms we search for, and the links we click may be enough for companies to identify us as potential consumers.
Debt relief may not spell relief
What was concerning to Adler-Bell a few years ago, which was also on the radar of the Consumer Financial Protection Bureau, was student debt scammers may be using ad services to attract student borrowers. When I searched for “student debt relief” just a few moments ago, I noticed the issue is still present. Like Adler-Bell, I also had to scroll through various ads before I could get to the Federal Student Aid webpage, which offers free information to help students understand and manage their loans.
If you are looking for guidance regarding how to protect yourself from loan scams, The Office of the Federal Student Aid is a great place to start. On its site, it clearly states: “there is nothing student loan debt relief companies can do for you that you can’t do for yourself for free.”
While not every company offering to help you manage your student loans for a fee may be ill-intentioned, you should be aware that aggressive advertisement asking students to call immediately or offering complete discharge is not coming from the U.S. Department of Education or its partners, which are listed here.
According to their website, other ways you may be able to differentiate is if you are being ask to pay upfront or monthly fees to receive services, ask you to provide them with your FAFSA ID, or ask you to sign a third party authorization form or power of attorney.
Find your allies
There is not an easy solution to ensuring your personal information is protected. For that reason, it is important to find allies and continue to learn about best ways to safeguard our data.
For instance, our colleagues often play an important role in our ability to identify and respond to cyber threats. Following my coworker’s suggestion, I had the pleasure of attending the 50 Tech Tips webinar this summer, hosted by Legal Services National Technology Assistance Project and probono.net. Irene Mo, one of the presenters and a 2017-18 NextGen fellow at the ABA Center for Innovation, shared useful tips, many of which are summarized below, regarding data privacy and security risks.
- Prey: This app offers the possibility to track multiple devices. Similarly to the Find My iPhone app, Prey is able to erase your data in case the device is stolen.
- Privacy Screens: These screens can be particularly useful if using a personal computer in public places such as coffee shops or classrooms. Even the information displayed is not confidential, these screens can be helpful in limiting others from seeing the content on the screen. This product may not only be beneficial to us, but also to our classmates who may get distracted by the brightness when using our laptops in class.
- LastPass: This is a password manager tool that enables you to keep the passwords and usernames for your online accounts safe while easily accessible. Whether you choose not use LastPass, it is good practice to adopt multi-factor authentication whenever available. Unlike other password managers, LastPass offers you the opportunity to answer a question in order to retrieve your master password in case it is lost.
- HTTPS Everywhere: This is an open source browser extension from The Tor Project and the Electronic Frontier Foundation that directs users to the more secure version of a website. For instance, if you clicked on a link with the HTTP connection, you would automatically be redirected to HTTPS version if it is available.
- uBlock Origin: This is a cross-platform browser extension that allows to block adds and gain control over the content users see. Similarly, to block unwanted robocalls and texts from loan companies, the FCC suggests you can register your phone number on the Do Not Call list by calling 1-888-382-1222 (voice) or 1-866-290-4236 (TTY). Alternatively, you can register online at donotcall.gov.
- If you already implemented the suggestions in this article or they do not apply to your needs, you may want to check out the Security Planner developed by Citizen Lab, which can provide personalize information beyond what is included in this article regarding steps we take to protect our data.
You can see Irene’s tips and more in the webinar replay. You can also find the slides from the webinar on SlideShare.