Unearned unemployment: Who is collecting money meant for Americans in need?

A lack of anti-fraud measures, bypassed processes that had been in place to help verify benefit claims and data inaccuracies -- combined with the rampant availability of cheap, stolen account credentials and personally identifiable information on dark web markets -- has led to an unprecedented increase in unemployment fraud.

 

As quickly as the onslaught of American’s unemployment claims hit state governments, the domino effect of outdated systems and the need for process improvements became abundantly clear. As if COVID-19 and U.S. joblessness weren’t enough to tackle, the chaos and urgency created the perfect opportunity for criminals to devise targeted fraud strikes on both state government agencies and individuals who had just been laid off – a scheme that’s putting $26 billion in unemployment benefits at risk.

What is fueling growth in unemployment fraud right now?

A lack of anti-fraud measures, bypassed processes that had been in place to help verify benefit claims  and data inaccuracies -- all combined with the rampant availability of cheap, stolen account credentials and personally identifiable information on dark web markets -- has led to an unprecedented increase in unemployment fraud.

The problem stems from criminals impersonating unemployed workers by using stolen credentials and PII and diverting the funds from benefit claims into their own pockets. PII, which can help answer security questions during the claims verification process, can be extracted from stolen pay slips, W-2 forms and credit reports.

Labor Department Inspector General Scott Dahl told the House Subcommittee on Government Operations in a recent briefing that even in the best of times, about 10% of unemployment insurance payments can be attributed to fraud. However, with the new strains on unemployment, he said losses could rise to $26 billion, with the bulk of it due to fraud.

It’s not just domestic criminals who are taking advantage of the system. The Secret Service identified a Nigerian Fraud Ring targeting at least 11 states including North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming, Florida and Washington. Reportedly, although Washington state was the hardest hit by the fraud ring, it was able to recover $333 million from the $650 million in stolen unemployment payments.

The average weekly unemployment benefit of $371.88 coupled with the CARE Act’s $600 stimulus has presented an attractive target for criminals. Below are some states’ reported percentages of fraudulent claims between April and July of 2020.

Stats of total claims submitted and those recorded as fraudulent and suspect claims from March to July 2020 Source: SpyCloud

Total claims submitted and those recorded as fraudulent and suspect from March to July 2020.

Source: SpyCloud

In response to increased fraud, Michigan, Pennsylvania and Maine halted unemployment payments to remediate fraudulent claims, leaving legitimate jobless claimants without their payments. While the delays were to take only days, in some cases they have taken weeks.

Prepaid cards also have been targeted by fraud rings to cash in on unemployment claims and stimulus payments. Once again, by leveraging stolen credentials to open new unemployment claims or take over existing accounts where the account holder reuses a compromised password, fraudsters are able to receive funds and drain the prepaid cards.

What can be done to limit unemployment fraud?

Recommendations for government agencies: Report after report indicate that fraudulent state unemployment claims stem from stolen identities related to data breaches and leaks. A practical method to proactively mitigate fraud risk is monitoring new benefit claims against breached data services that identify compromised passwords and PII. Claims that seem suspicious can be flagged for further manual verification.

Recommendations for fraud analysts and IT teams: Although we are living under extraordinary circumstances, premature go-live updates and platform releases have left unemployment programs with undetected vulnerabilities discovered by the public or, worse yet, by criminals. Analyst and investigators employed or contracted by states facing the daunting task of sifting through unemployment claims for abnormalities and high-risk indicators, have some steps they can take to here to identify criminal activities and reduce fraud:

  1. If updates have been made to the unemployment claims platform, gain a complete understanding of changes by thoroughly reviewing communications and participating in training offered by the teams responsible.
  2. Maintain processes that have proved successful in preventing fraud.
  3. Ensure there is a method to monitor user activities, such as user origin, logins, account creations, account modifications and fraud claim filings.
  4. Tie disparate data sources together, comparing and verifying new accounts against existing accounts to detect anomalies.
  5. Watch for uncommon claims, such as those filed from out of state.
  6. Verify claimants’ contact information to stop criminals from:
  • Creating new or temporary email addresses.
  • Using burner phones.
  • Making slight variations in house numbers or completely changing the claimant’s physical address.
  • Encourage knowledge-sharing between states by making trend analyses and fraud reports available to your fellow fraud analysts and investigators.
  • Recommendations for employers: Public- and private-sector organizations must continuously monitor and remediate their employees’ exposed credentials. Fraud, whether payments-related or simply theft of data, is a concern for all organizations, and it’s important to remember that the human attack surface extends past their own employees to those in the supply chain. Security teams who take responsibility for educating their employees -- as well as their partners and vendors -- on the dangers of password reuse, the importance of complex, unique passwords for all accounts (personal and corporate) and the necessity of multi-factor authentication are performing a public service.

    Ultimately, the importance of enhancing verification processes and efficiencies, combined with individuals and employers taking responsibility for PII protection, will limit the financial waste due to fraud and payment delays to the Americans in the most need.

    X
    This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
    Accept Cookies
    X
    Cookie Preferences Cookie List

    Do Not Sell My Personal Information

    When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

    Allow All Cookies

    Manage Consent Preferences

    Strictly Necessary Cookies - Always Active

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Sale of Personal Data, Targeting & Social Media Cookies

    Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

    If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

    Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

    Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

    If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

    Save Settings
    Cookie Preferences Cookie List

    Cookie List

    A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

    Strictly Necessary Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Functional Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Performance Cookies

    We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

    Sale of Personal Data

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

    Social Media Cookies

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

    Targeting Cookies

    We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.