WARNING: CSS Profile / IDOC Web Site Hacker

Paying for College
1

<h2>I completed my son’s CSS Profile this morning and had to submit documentation through IDOC. The CSS site has the following instruction:</h2>

<p>What do I need to do?</p>

<ol>
<li>Go to <a href=“https://idoc.collegeboard.com%5B/url%5D”>https://idoc.collegeboard.com</a>.</li>
</ol>

<h2> 2. Click the “IDOC” button. </h2>

<p>Being lazy, I copied and pasted the URL above into my browser. Luckily Firefox gave me a strong warning message about the site using a bad certificate. It took a minute or so to see the problem and to avoid an attempt at identity theft - on the next screen you enter a social security number. </p>

<p>The problem is the period at the end of the URL. Eliminate the period and you are at the College Board’s site. Leave the period in and you are taken to a hacker’s site.</p>

<p>ALSO: If you are using Firefox on a Mac, you won’t be able to download the required IDOC cover sheet. Switch to Safari and you’ll have no problems.</p>

2

<p>I tried it both ways, and the period just gets dropped automatically from the URL once you go past the warning screen. I’m not sure this is a hacker thing. I certainly have never heard of any such problem and I’ve been doing this myself and helping others with Profile and IDOC for a few years now. Maybe someone who knows more about computers than me will chime in.</p>

3

<p>This is very odd. I tried it too (added the security exception and everything). </p>

<p>The weird thing is that a pop up opened, and it closed. So, I’m not sure if that’s something to worry about or not.</p>

<p>As long as the link says “https” instead of “http,” it should be a secure site. </p>

<p>Blah. This worries me. :frowning: Some hackers can be verrryyy good and discrete with what they do.</p>

4

<p>Sooooo, I asked my dad (he’s a programmer). </p>

<p>He said that, technically, any site can be mirrored with the same URL and all that. He said to only go on websites that you know for a fact are secure and legit. Any hacker can put up a secure website that isn’t secure at all and any hacker can mimic the same URL of any website. </p>

<p>Be careful guys!</p>

5

<p>you guys are scaring me. I just got an email from FAFSA (i just finished yesterday) telling me to review my info and linked me to this website</p>

<p><a href=“Federal Student Aid”>Federal Student Aid;

<p>I also got the firefox message but I went ahead and entered my ssn and whatnot. i’m ok right ? seems like the real site…</p>

6

<p>FAFSA has been having trouble with this for a couple of weeks - I kept trying to click our link to get our SAR only to have a message come up that was very fishy for the linking site. I called FAFSA and they said they have been trying to get that “fixed” - they recommended I just to to [FAFSA</a> - Free Application for Federal Student Aid](<a href=“http://www.fafsa.gov%5DFAFSA”>http://www.fafsa.gov) and retrieve our SAR that way.</p>

7

<p>Second year of doing this and for the first time I got a message saying I had to update my SAR because I clicked ‘will file’ - basically said it would not be processed until I had gone on to the site and changed ‘will file’ to ‘did file’ - I just went to do that and got the same warning from firefox that andrewexd did - so I did NOT link to it. Instead I went to the FAFSA site and looked at the SAR that way - there is NO indication that I have to amend my FAFSA - seems fishy to me. Anyone else get anything like this?</p>