It is estimated that this past year more than $200 billion in federal assistance for unemployed Americans has ended up in the pockets of cybercriminals through rampant, widescale fraud of our nation’s unemployment systems. Texas is unfortunately no exception. Check out the fraud details below and how you can help crack down on these criminals taking advantage of an already difficult situation.
What You Need to Know
There are two main methods used by cybercriminals to facilitate unemployment insurance fraud:
1) Critical Information Accessed Phishing
This method is similar to traditional phishing, where cybercriminals send forged emails with the goal of recipients clicking a link and ultimately giving up personal information or credentials through a phony website. When phishing specifically for unemployment benefits, the goal is to obtain the target’s personal information and use it to file a fraudulent unemployment benefits claim.
The phishing email may be anything that prompts action: a Facebook suspicious login activity alert, your bank informing you that your accounts have been frozen, or even posing as the Texas Workforce Commission themselves requesting information!
2) Compromised PII Used to Submit For Unemployment Benefits
Cybercriminals also regularly use Personally Identifiable Information (PII) that has previously been compromised, leaked, or sold on the Dark Web to file fraudulent unemployment benefit claims. There are thousands of organizations whose customers’ sensitive information has been illegally obtained and is now readily available for criminals to purchase on the Dark Web. Myspace, LinkedIn, Target, Home Depot, Equifax, and Yahoo are a few notable breaches in recent years that compromised the information of millions of Americans.
Common Fraud Indicators
Now that you know how cybercriminals operate, here are red flags to look out for:
Your organization’s HR department receives a Notice of Application for Unemployment Benefits for an individual who has never worked for your organization.
A current employee reports they have received materials (via email or traditional mail) from the Texas Workforce Commission for an unemployment claim which they did not initiate.
A current employee receives a bank card, check, or bank deposit for unemployment benefit funds that was not expected.
A current employee receives a 1099-G form when they should not have.
How To Prepare
The best course of action is to educate your staff of the risks, the common fraud indicators mentioned above, and how to respond should to the situation arise. It is also wise to train HR personnel to report suspected fraud to the Texas Workforce Commission (TWC) promptly.
Reporting Suspected Fraud
The Texas Workforce Commission has a wealth of resources regarding reporting and specific examples of reportable violations. You can also contact TWC directly via email at TWC.fraud@TWC.state.tx.us or phone via their 24/7 Program Abuse and Fraud Hotline at (800) 252-3642.
A Shared Responsibility
Ultimately, the responsibility for identifying and reporting fraud rests with each of us. The Texas Workforce Commission does actively investigate fraud, but remember unemployment benefits payments are funded through taxpayer dollars and so are the already limited resources for TWC’s investigations. US Medical IT remains dedicated to doing everything in our power to stop cybercriminals from profiting at the expense of others and we are always here to help should something of concern arise within your organization.