The economic fallout from the COVID-19 pandemic has created a perfect storm of unemployment fraud—exacerbated by pressure on state agencies to provide unemployment benefits and inadequate anti-fraud infrastructure in those agencies. Fortunately, there is a clear path forward to combat unemployment fraud.
Here are the top five recent trends in unemployment fraud:
Fraud is easier
Pressure on state agencies to provide monetary relief for families, along with a steep increase in claim volume, has made it easier to succeed at unemployment fraud. The volume of claims alone helps to conceal fraudulent activities. Fraudsters have particularly targeted states without an income tax since those states cannot verify identities with tax records. Many states only learn about fraud when notified by citizens who have discovered fraudulent claims filed in their names.
Some states have slowed claims payments so they can verify the information before paying claims. But this slows benefit payments to families in need and adds to their frustration. States are better served by adopting technology to detect and prevent fraud in real-time.
Stolen identities are common
The easiest and most frequent way to commit unemployment fraud is with stolen identities. Massive data breaches in 2015, 2017, and 2019 at credit bureaus, healthcare providers, retailers, and credit card companies have compromised the social security numbers for virtually every American. There is a plelthora of false identities available, and they can easily be purchased on the dark web. Online tutorials explain the process of filing a false unemployment claim.
After amassing a list of stolen identities, fraudsters start trying to open new accounts and file unemployment claims. They often use stolen personal data for people who have just been born, have recently died, are in prison, or are even still employed. Fraudsters also assemble “synthetic identities” by combining information from different individuals to create a false person.
Faking an address
During the unemployment application process, individuals must provide an address. Using real addresses of the victims of identity theft would be too dangerous. Instead, fraudsters list addresses for vacant buildings, frequently filing hundreds of applications with the identical physical address.
CBS Los Angeles discovered that empty mansions for sale often had hundreds or thousands of fraudulent unemployment claims listing them as the physical address. In some cases, illicit couriers visit the properties to pick up debit cards loaded with unemployment benefits.
Copy and paste
Fraudsters paste information roughly ten times more frequently than legitimate users. They also tend to open their web browsers only on a portion of the available screen space. The rest of the screen is occupied by a text file to allow copying and pasting. Most applicants don’t copy and paste their first and last names into online forms—unless they’re trying to open hundreds of unemployment claims in other people’s names.
Fraudsters love to hide
States are overwhelmed just handling unemployment claims and rarely have resources to investigate the inconsistencies that might indicate fraud. Fraudsters use a variety of techniques to avoid detection. They often use VPNs and cloud infrastructure to conceal their identities—as well as rotating their IP addresses and user agents. However, when they do this, their devices’ time zones frequently don’t coincide with the geolocation for their IP address.
In addition, fraudsters tend to use familiar devices. Research shows the same devices accessing a large number of unemployment accounts. It isn’t unusual for a single device to be used to access more than 20 fraudulent accounts. (By comparison, most devices access no more than three accounts.)
The pandemic and accompanying economic turmoil continue to create huge challenges. Unfortunately, fraudsters have quickly capitalized on the confusion to take advantage of benefits earmarked for those who really need them. Education about unemployment fraud allows technological solutions to detect and stop it. This can decrease fraud losses and ensure that states successfully direct those funds to the right recipients.
View our resource for more information on how F5 enables State Government Agencies to fight fraudulent claims.
Enabling Agencies to Succeed with DevSecOps 