Fraudsters aim for unemployment benefits
As unemployment claims rose during the pandemic, so did fraudulent activity directed at taking advantage of overburdened unemployment agencies. With their typical routines disrupted, many people may have overlooked digital security practices, allowing cybercriminals to gain access to sensitive personal information and commit identify theft. One of those common forms of identity theft was falsified unemployment claims.
A report from the Associated Press notes that nearly 26 million people requested unemployment aid in the early months of the pandemic, and that by November, “the U.S. Department of Labor’s Office of Inspector General estimated states had paid as much as $36 billion in improper benefits, with a significant portion of that blamed on fraud.”1
Many people may not have discovered their personal information was compromised until they received a 1099-G tax form, which reports unemployment compensation. As an employer, you may hear from employees in good, current standing who are confused about receiving this form, or from agencies confirming that a person who has filed an unemployment benefits claim is a former employee. You may also receive Unemployment Insurance Notification of Potential Charges for current employees. If you do receive such a notice, contact the state as directed to inform them of an error or potential fraud.
Just as with other types of fraud, it’s important for companies to be aware of heightened risks and strengthen the company’s network defenses says KeyBank’s Sara Seguin, vice president, division manager of Fraud Strategy. With more employees working remotely, ensure that software updates and security patches are current, your virtual private network (VPN) has extra firewalls, and email filters are enhanced. If an employee’s personally identifiable information (PII) is exposed, fraudsters may have gained access to work materials as well.
Help Your Employees Protect their Personal Info
Companies should also educate employees about the increased incidences of unemployment insurance fraud, how they can protect their own information and your company’s networks systems, and what to do if fraudulent activity is suspected or confirmed.
Watch for Suspicious Activity
The Federal Bureau of Investigation (FBI) advised Americans to be on the lookout for the following2:
- Receiving communications regarding unemployment insurance forms when you have not applied for unemployment benefits
- Unauthorized transactions on your bank or credit card statements related to unemployment benefits
- Any fees involved in filing or qualifying for unemployment insurance
- Unsolicited inquiries related to unemployment benefits
- Websites and social media pages mimicking those of government agencies
What To Do In Case of a Compromise
Companies should respond swiftly to any requests to certify employment status from appropriate government agencies and alert employees who may have been impacted.
Affected individuals should take the following steps:
- Notify their state unemployment agencies of fraudulent claims or incorrect 1099-G forms – some states, such as Ohio, have set up fraud hotlines or online fraud reporting forms.
- Visit IdentityTheft.gov to report the fraud to the Federal Trade Commission (FTC). The agency can help set up a fraud alert on their credit and close any fraudulent account(s) opened in their name.
- Check their credit report and financial statements regularly for other suspicious activity.
- Contact their bank and other financial institutions to activate their fraud protections.
- Change their passwords on email and financial accounts, making sure to have unique and strong passphrases for each account.
- If they believe they know who committed the fraud, they can also file a police report.
To prevent unemployment fraud and other types of cybercrime, remind your employees of safety practices, such as:
- Do not give your Social Security number, passwords, one-time security passcodes or other sensitive information over the phone.
- Check website URLs to make sure they’re legitimate and secure before entering information.
- Use two-factor authentication when possible.
- Don’t click links or download attachments from unknown senders.
Fraudsters are using a fraught time to target individuals and overburdened institutions for financial gain. Fraudulent unemployment benefits claims are on the rise. Awareness along with corporate and personal security strategies are the key to preventing serious financial harm.
KeyBank is committed to helping you protect your business and your employees from common types of fraud. For more insights into cybersecurity and fraud, visit key.com/cybersecurity.