Beware: Back-to-School Scams Targeting Mexican Families

MEXICO — The imminent return to classes has triggered alerts from cybersecurity experts as criminals exploit school purchases, student rentals, and fake scholarships to deceive parents and students.

The cybersecurity company ESET has warned that identity theft, fake websites, and public networks significantly elevate the risk during the school season. With millions of children returning to classrooms and students moving to new cities for university, families are hunting for the best deals, a situation cybercriminals are poised to exploit.

According to ESET Latinoamérica, at least six distinct scams are being deployed by virtual criminals in the lead-up to the Back to School period. The return to classes is being leveraged for digital fraud, ranging from fake emails and non-existent scholarships to simulated rental properties.

The cybersecurity firm states that during this time, a school supply list with the lowest price or a rental property offered at the best cost online could be a fraud. Cybercriminals, it maintains, find ways to mix their virtual skills with an emotional hook, which is when a person falls victim.

“The return to classes is a time of preparation for students and parents, marked by an increase in spending by Mexican families; however, it has also become a period of high risk for falling victim to digital fraud,” ESET detailed in an analysis.

According to the National Association of Supermarkets and Department Stores (Antad), Mexican families spend an average of 7,500 pesos on expenses related to the start of the school cycle. This flow of banking operations and digital purchases creates “an ideal scenario for criminals to put into practice deception tactics that combine social engineering, identity theft, and website forgery.”

The Scams

One of the most common frauds during this season, according to ESET, is the impersonation of educational institutions. Through fake emails that use institutional logos and language, cybercriminals request payments from parents.

This activity has escalated to such a degree that the National Autonomous University of Mexico (UNAM) has warned through various media about messages demanding deposits for a matriculation cost, accompanied by threats of legal action if the payment was not made.

Another scam involves fake websites selling school supplies, books, and uniforms. These sites are designed to look like legitimate stores, request upfront payment, and disappear after receiving the money.

ESET notes that there are also fake scholarships and support programs where criminals pose as official program sites and request bank details to supposedly transfer financial support. Once they obtain the data, they disappear.

Additionally, fraudulent job offers target students online, requiring payments to process the employment or requesting bank details for a supposed payroll deposit.

Through malicious public Wi-Fi networks near schools and bookstores, criminals intercept sensitive information such as passwords, banking details, or access to educational platforms.

Another scam involves rental property or roommate searches, featuring attractive listings of spaces or rooms for students. The scammer requests an advance deposit and never arrives at the location.

Social Engineering, Still Prevalent

“These frauds combine psychological strategies with technology. The urgency to enroll a child or take advantage of a special offer makes people lower their guard and not verify the authenticity of the message or website,” said David González, a cybersecurity researcher at ESET Latinoamérica’s laboratory.

He specified that cybercriminals constantly update their methods to evade timely detection of fraud, and new variants of digital scams emerge every year. They even use stolen databases to personalize messages with specific information, such as the student’s name or school grade.

This personalization, the specialist stated, increases the probability that victims will fall for the fraud. “Therefore, digital education plays a fundamental role, as teaching parents, teachers, and students to identify warning signs is as important as training them in the use of basic technological tools. Constant education allows for effectively anticipating and responding to the new tactics of cybercriminals,” concluded González.

Some Advice

To avoid being victims of fraud during the back-to-school season, ESET recommends that the public carefully verify the senders and domains of emails before clicking any links or making payments. Users should ensure they come from official and trustworthy sources.

It also advises making purchases only on official websites or recognized merchants and avoiding links shared on social media that lack verifiable backing or references.

“The use of public Wi-Fi networks for operations involving sensitive data, such as shopping or banking access, should be avoided. Personal, banking, or confidential information should not be shared through unverified channels or in response to suspicious messages, even if they seem urgent or come from known institutions.”