boy getting money out of an ATM machine
boy getting money out of an ATM machine

Students Warned Of Loan Drop Scammers

Young people are being urged to take better security precautions as Gen Z are revealed as the most likely generation to fall victim to hacking.

According to the latest ONS data on fraud and computer misuse, young Brits aged 18-24 have the joint highest percentage of those falling victim to ‘unauthorised access to personal information’, which includes hacking. Millennials aged 35-44 also face the same rates of hacking.

In fact, Gen Z are THREE times as likely to fall for this kind of fraud than those 75 years or older.

Gen Z Brits are also twice as likely to fall for cyber fraud than non-cyber fraud, a trait also common amongst older Millennials, Gen X and Boomers. 

98% of UK Gen Z’s take precautions to keep their information protected from scammers, yet a third (34%) admit to falling victim to some kind of online scam in the past — according to our latest survey.

When it comes to university students in particular, two in five say they are more cautious with their online protection around loan drop dates. However a worrying 59% admitted they don’t pay their financial security any more mind during these times.

With April loan drop not too far around the corner, here’s what you can do to keep your personal information more secure from sophisticated scammers and hackers.


Despite being digital natives, Gen Z’s have the HIGHEST chances of having their personal information accessed by an external source, more than any other age group (apart from older Millennials). They’re even three times more likely to experience this kind of hacking than Post War folks (those aged 75 and up).

Luckily, only a minute percentage, the 3.3% of Gen Z have experienced unauthorised access to personal information towers above the national average of 2.5%.

Unfortunately, Gen Z women are found to be disproportionately affected by hackers with a third more women than men reporting this kind of fraud (3.7% of Gen Z women vs 2.9% of Gen Z men).

Top tips

  • Get a password manager to store your passwords securely. Most will also suggest strong passwords, making it harder for scammers to guess their way into your accounts.
  • Use a VPN to hide your IP address from would-be hackers. Providers like NordVPN can offer a layer of protection through data encryption, plus you’ll get tons of other benefits like being able to change your online location.
  • Make sure to only use encrypted USB sticks that you trust, especially when dealing with sensitive files. Who knows where those freebies at the Freshers’ Fair have been…

Bank and credit account fraud

When is comes to bank and credit card account fraud, Gen Z come off fairly lightly.

Just 2.6% of this age group have been affected, making them the least likely generation to have experienced banking fraud.

However, this doesn’t mean it doesn’t occur.

Top tips

  • Use two-factor authentication to ensure your personal details and online money are as secure as possible behind multiple barriers.
  • Set up a payment limit on your card. This means if someone has your details before you realise it, there’s only so much they’d be able to spend before your card automatically locks down.
  • Be cautious with the information you have readily available online. Simple data like date of birth, phone number, and address can easily be used in a scamming attack against you.

Suspicious messages

Interestingly, Gen Z are one of the least likely generations to receive a suspicious messages (39.4% vs the national average of 49.8%).

However, our survey reveals a third of Gen Z claim to not be cautious about opening suspicious looking emails – only half say they would confirm with their bank directly if they were to receive any sceptical correspondence from anyone masquerading as them.

Top tips

  • Learn to recognise key characteristics of a phishing email. They likely will include an urgent action or threat, and often have subtle misspellings in the email domain (like spelling Microsoft with a ‘0’ instead of an ‘o’).
  • Be wary of seemingly important emails with generic greetings. An organisation that you’re connected to should at least know your name. A ‘Dear sir or madam’ is red flag that the sender may not be who they say they are.
  • Even if you only slightly suspect an email may be suspicious, don’t open any attachments or click any links. You can, however, hover your mouse over the link to reveal the real web address and see if it matches up to the story the email is trying to spin.

Consumer Fraud

Over the last year, those aged 20-29 have been the biggest victims of consumer fraud, which involves the scammer duping a victim into transferring money over to them.

  • 10 to 19: 7.3k offences
  • 20 to 29: 30.9k offences
  • 30 to 39: 27.9k offences
  • 40 to 49: 22.1k offences
  • 50 to 59: 17.9k offences
  • 60 to 69: 10.5k offences
  • 70 to 79: 5.6k offences
  • 80 to 89: 2.2k offences

These offences were mostly from online shopping and auctions (71.6k), dating scams (8.6k), and ticket fraud (7.6k).

Amongst all the age groups, the 20 to 29 band remained the highest amount of offences for the below categories of consumer fraud:

  • Online shopping and auctions (18.9k of 71.6k offences – 26%)
  • Rental fraud (2.7k of 6.1k offences – 44%)
  • Ticket fraud (2.4k of 7.6k offences – 32%)
  • Dating scam (1.6k of 8.6k offences – 19%)

However, ‘fraud by abuse of power of trust’ and ‘door to door sales and bogus tradesmen’ mostly victimises the older generations, with those 70 to 89 reporting the most offences. ‘Consumer phone fraud’ was also far more likely to affect those 30 to 59 than any of the younger generations.

What we found

According to our recent Gen Z survey, 98% of UK 16-25 year olds take precautions to keep their information protected from scammers and hackers.

Despite this, a third (34%) admit to falling victim to some kind of online scam or hack in the past.

What precautions do Gen Z take to keep safe from scammers:

  • Covering my pin when at an ATM – 77%
  • Not opening suspicious emails – 70%
  • Reviewing my bank account(s) regularly for any changes – 60%
  • Confirming with my bank directly if I receive a suspicious message from them – 46%
  • Not opening personal documents in a public space – 37%
  • Not having the same password for multiple logins – 34%
  • Only using passwords that are longer than 12 characters – 33%
  • Using a VPN – 24%
  • Changing my passwords regularly – 22%
  • Not using public wifi – 21%
  • Only using encrypted USB’s – 8%
  • Using an RFID blocking wallet / purse – 8%

Two in five university students say they are more cautious with their online protection around loan drop dates, however a worrying 59% admitted they don’t pay their financial security any more mind during these times.

Men are more likely to be more cautious around loan drop dates (46% vs 39%) but are also marginally more likely to have fallen victim to a scam (36% vs 34%).

Advice from Student Beans

Will Briggs, Chief Financial Officer at Student Beans, says: ‘It’s vital that students and young people in general are aware of the risks of scams but also the precautions they can take to protect themselves. We know that scams are becoming increasingly sophisticated and it’s continuously becoming harder to identify suspicious activity.

‘Young people should be especially mindful of the information they share online, whether this is showing your excitement of a recent big loan drop, sharing personal information like addresses, or even revealing your course and university. Any personal information could be used against you by these sophisticated scammers.’

Advice from the Student Loans Company

Guidance from the Student Loans Company reminds students to remain vigilant around student loan payment dates, with the next drop due in April.

These ‘drops’ happen three times a year – January, April and September. All students are eligible for these loans, but the amount they receive is impacted  by where they live, what they study, what their family situation is, how old they are, etc. 

Official guidance from the SLC includes:

Scammers may try to trick students into giving away personal and financial information by sending fake emails and texts, or calling and pretending to be from SLC, Student Finance England (SFE), or other legitimate organisations.

SLC will never ask students to provide their personal or financial information via email or text message. If a student receives a suspicious message, they should report it to SLC immediately by emailing or calling our dedicated hotline on 0300 100 0059.

Students can protect themselves against phishing and online scams by taking the following steps:

  • Check the quality of the communication – misspelling, poor punctuation and bad grammar are often tell-tale signs of phishing.
  • Keep an eye out for any emails, phone calls or SMS messages you think are suspicious, especially around the time you’re expecting a payment.
  • Scam emails and text messages are often sent in bulk to many people at the same time and are unlikely to contain both your first and last name. These commonly start – ‘Dear Student’ – so be on guard if you see one like this.
  • Messages that convey a sense of urgency are also unlikely to be genuine – for example ‘failure to respond in 24 hours will result in your account being closed’.
  • Think before you click. If you receive an email or SMS that contains a link that you’re not sure of, then hover over it to check that it goes where it’s supposed to. If you’re still in any doubt don’t risk it, always go direct to the source rather than clicking on a potentially dangerous link.

Appendix – Methodology

We surveyed 1,241 16 – 25 years old in Jan 2023. 830 of these were university students (for when the data references students exclusively).

Source: NFIB Fraud and Cyber Crime Dashboard. Data correct as of 19:19 21st Feb 2023.

Source: Nature of fraud and computer misuse in England and Wales: Appendix tables

Age Computer Misuse Computer Virus Unauthorised Access To Personal Info (Inc. Hacking) Received A Message Which May Have Been Phishing In The Last Month Replied To / Clicked On A Link In The Message, % From Those Who Received A Message
All Adults 3.1% 0.6% 2.5% 49.8% 3.3%
18 – 24 (Gen Z) 3.9% 0.6% 3.3% 39.4% [u]
25 – 34 (Millennials) 3.2% 1.0% 2.3% 57.7% 1.8%
35 – 44 (Millennials) 3.8% 0.5% 3.3% 60.1% 4.8%
45 – 54 (Gen X) 3.6% 0.5% 3.1% 53.6% 3.4%
55 – 64 (Boomers) 2.8% 0.6% 2.2% 52.0% 2.3%
65 – 74 (Boomers) 2.7% 0.7% 2.0% 43.1% 1.7%
75+ (Post War) 1.5% 0.5% 1.1% 27.9% 3.3%
Male 18 – 24 3.3% 0.4% 2.9% [u] [u]
Female 18 – 24 4.6% 0.9% 3.7% [u] [u]