Jobless claims system targeted
Fraud schemes exploit vulnerable spots in US unemployment relief
The for-sale ad appeared last month in an underground internet bazaar that specializes in selling stolen accounts and data. It was for access to a filched unemployment insurance claim in California that had been approved and offered benefits worth $17,550.
The black-market sale of jobless benefits is just one sign that the unemployment insurance system — the main artery for delivering financial assistance to laidoff workers — has been besieged during the coronavirus crisis by criminal networks intent on bilking the government out of hundreds of millions of dollars.
In California, fraud was so pervasive that officials have suspended processing jobless claims for two weeks to put new controls in place and reduce a bulging backlog.
The U.S. Labor Department recently made fraud detection a priority, dedicating $100 million to combat the problem.
But several state officials and cybersecurity experts say some of the efforts have been misdirected, designed to uncover workers misrepresenting their eligibility instead of large-scale identity theft.
“The focus continues to be on lying instead of stealing,” said Suzi LeVine, the commissioner of the Employment Security Department in Washington, one of the first states to be flooded with fraudulent claims.
Social service agencies have historically been preoccupied with preventing potential beneficiaries from cheating the government — individuals who lie about seeking a job or the date of their return to work. “Anti-fraud systems are organized around that,” LeVine said. “Saying I was looking for a job when I was actually on a beach in Cabo.”
But most fraud is now being engineered by cybercriminals, some of them working together, who have stolen or bought other people's identities and are using them to raid state unemployment systems.
Since March, Washington state has turned up nearly 87,000 impostor cases. From January 2018 to June 2019, there were 184. Traditional fraud-prevention strategies, LeVine said, “will not help us catch these thieves.”
Think of it as the difference between an attack within and one coming from the outside.
Previously the cheating came mostly from workers who were in the system and trying to get something they were not entitled to. Now “it's people outside of the system who are impersonating other people or breaking in,” said Roman Sannikov, director of cybercrime and underground intelligence at the cybersecurity firm Recorded Future.
Using stolen identities to steal from the government is not new. Such thefts have bedeviled programs from school loans to Medicare and disaster relief.
“Criminals go where the money is,” said Avivah Litan, an analyst at the research and consulting firm Gartner.
After Congress passed the CARES Act, the emergency relief — including the Pandemic Unemployment Assistance program and a temporary $600 weekly supplement — was where the money was.
And that is where the bulk of the fraud has been aimed. Handled by the states, pandemic jobless benefits were meant to fill gaping holes in the safety net by covering self-employed, part-time and gig workers; independent contractors; and others ordinarily ineligible for unemployment insurance.
But the desire to quickly get money to households facing eviction, hunger or financial ruin made the program vulnerable to swindlers.