Massive Data Theft Underscores Threats to Students from Downloading Illegal eBooks

OBERLIN, OH (August 15, 2024) – A clone of a popular website students frequently use to download pirated eBooks recently lead to the biggest data theft ever according to Cybernews. An estimated 10 million users who accessed the clone site inadvertently exposed their personal information, including usernames, email addresses, and encrypted passwords. This incident, underscores the needs to remind students of the dangerous risks associated with downloading copyrighted works for free from unknow sources.

Some students have resorted to illegally downloading “free” textbooks and course materials – a
practice that can set them up for academic, legal, and data privacy risks. According to the latest Student Watch survey, 20% of students admitted to digital textbook piracy. The study also found students who opt-out of school affordable access programs were twice as likely to say they engage in this behavior. 

Illegally downloading textbooks puts students at risk for serious disciplinary action pursuant to the federal Higher Education Act's Peer-to-Peer File Sharing and Copyrighted Material provisions and institution student code of conduct policies. Not only is textbook piracy a federal crime, but it can also result in students relying on outdated, inaccurate, or illegible materials, which can negatively impact academic performance. 

College students are now specifically being targeted by cybercriminals the Detroit Free Press is reporting. According to CNET, a leading anti-virus company found that malware attacks disguised as downloadable textbooks is an increasingly prevalent tactic to breach student privacy and capture sensitive data. More than 100,000 pieces of malware disguised as free textbooks and related course materials included viruses capable of harming students, infiltrating college networks, and exposing sensitive data. 

"Students need to be careful about where they obtain their course materials and look at anything being offered as ‘free’ with a level of skepticism. They must also be wary when providing credit and debit card information and other sensitive data online, and take steps to protect themselves against a variety of digital scams," said Richard Hershman, vice president of government relations for the National Association of College Stores (NACS). “We urge students to guard their identities, their privacy and their finances by taking common-sense steps.”
 

NACS recommends students be aware of the following:

• Online Textbook Cons. Don’t fall for prices that sound too good to be true. Before buying, validate the site and seller, check reviews including third-party consumer sites such as the Better Business Bureau and others, and look for a physical address and phone number. Also, be aware that some online sites sell stolen or fake textbooks. If purchased, buyers could be charged with receiving stolen goods or unable to sell the books at the end of the term.
• Illegal or Stolen Online Access Codes. Digital course materials require access codes to sign on. Unfortunately, an increasing number of scammers have set up online sites that sell fake, stolen, and expired access codes. Students purchasing from such sites may find the codes don’t work. Meanwhile, within hours or days, the scammers shut down the site and begin using the student's credit card.
• Viruses on Illegal Digital Files. Don’t download illegal pirated files. They usually arrive with nasty computer viruses and violate student code of conduct policies. Most illegal downloading is done through peer-to-peer software. But, since the real source of the files isn’t known, it is impossible to know if they are infected. 
• Credit Card Scams Targeting Students. According to the FBI, in recent years Good Samaritan students have unknowingly participated in credit card scams. Scammers claiming to have lost their student ID cards enlist students to vouch for them at the counter with their valid IDs. The perpetrators then make their purchases – in many cases, high-end computers and devices – with a bogus credit card. College stores have implemented prevention methods to thwart these crimes. The FBI advises students to not agree to facilitate a purchase for someone who does not have a valid student ID and to immediately report any fraudulent activity.
• Digital Security. Students should protect their digital information and identities. Do not lend passwords or access codes and do not use school usernames and passwords on commercial sites. When using public Wi-Fi, do not transmit personal or financial information. Also, be aware of fake Wi-Fi sites that steal personal information. For additional tips and guidance visit Florida State University's "Top 10 Cybersecurity Tips for Students."
  
  Finally, always report fraudulent activity as soon as it occurs. Use reliable trusted sources for purchases and use resources such as the Better Business Bureau and their ScamTracker Risk Report to make smart decisions regarding retail transactions.
   

About The National Association of College Stores: The National Association of College Stores (NACS) is the professional trade association representing the collegiate retailing community. Our members are primarily campus stores owned by colleges, universities, and other nonprofit K-20 institutions and co-ops across the United States. We conduct extensive research into course material use and affordability, partner with student organizations and other stakeholders to advance course material affordability efforts, establish best practices, and promote industry standards. NACS is headquartered in Oberlin, Ohio.