Jobless claims system targeted
Fraud schemes exploit vulnerable spots in US unemployment relief
The for-sale ad appeared last month in an underground internet bazaar that specializes in selling stolen accounts and data. It was for access to a filched unemployment insurance claim in California that had been approved and offered benefits worth $17,550.
The black-market sale of jobless benefits is just one sign that the unemployment insurance system — the main artery for delivering financial assistance to laid-off workers — has been besieged during the coronavirus crisis by criminal networks intent on bilking the government out of hundreds of millions of dollars.
In California, fraud was so pervasive that officials have suspended processing jobless claims for two weeks to put new controls in place and reduce a bulging backlog.
The U.S. Labor Department recently made fraud detection a priority, dedicating $100 million to combat the problem.
But several state officials and cybersecurity experts say some of the efforts have been misdirected, designed to uncover workers misrepresenting their eligibility instead of large-scale identity theft.
“The focus continues to be on lying instead of stealing,” said Suzi LeVine, the commissioner of the Employment Security Department in Washington, one of the first states to be flooded with fraudulent claims.
Social service agencies have historically been preoccupied with preventing potential beneficiaries from cheating the government — individuals who lie about seeking a job or the date of their return to work. “Anti-fraud systems are organized around that,” LeVine said. “Saying I was looking for a job when I was actually on a beach in Cabo.”
But most fraud is now being engineered by cybercriminals, some of them working together, who have stolen or bought other people’s identities and are using them to raid state unemployment systems.
Since March, Washington state has turned up nearly 87,000 impostor cases. From January 2018 to June 2019, there were 184. Traditional fraudprevention strategies, LeVine said, “will not help us catch these thieves.”
Think of it as the difference between an attack within and one coming from the outside.
Previously the cheating came mostly from workers who were in the system and trying to get something they were not entitled to. Now “it’s people outside of the system who are impersonating other people or breaking in,” said Roman Sannikov, director of cybercrime and underground intelligence at the cybersecurity firm Recorded Future.
Using stolen identities to steal from the government is not new. Such thefts have bedeviled programs from school loans to Medicare and disaster relief.
“Criminals go where the money is,” said Avivah Litan, an analyst at the research and consulting firm Gartner.