Written by Mara Gibor
During the COVID-19 pandemic, millions of Americans have filed for unemployment benefits. Seizing the opportunity, fraudsters have seemingly found success by fraudulently filing for unemployment benefits, and the Dark Web has been bustling with chatter about the most effective techniques and best states to target. As expected, underground ‘service providers’ have popped up, primarily offering the following:
‘Fullz’ is an underground term for a complete record of personally identifiable information (PII) that includes the victim’s name, date of birth, social security number, address, and more. Fullz data is used by fraudsters and cybercriminals for numerous schemes – from tax refund fraud to identity theft. Over the past few months, more and more underground vendors of Fullz have aggressively promoted their data for use in unemployment benefits fraud.
Similarly, underground vendors of fake and stolen documents such as paystubs, credit reports, W-2 forms, and fake ID’s, have been marketing their goods in connection with unemployment benefits fraud.
Some underground actors have been promoting tutorials and ‘how-to’ guides for fraudulent unemployment applications. These guides provide a step-by-step explanation and recommendations on the types of documents needed to file for unemployment benefits, URLs of preferred state unemployment agencies, bank or money transfer applications (e.g., Venmo), ideal termination dates to include in the application, and more. These guides sell for an average of $50 to $150 dollars. Often, the authors offer ‘proof’ that their method is successful by including images of unemployment benefit payments.
Finally, some underground actors are offering access to compromised unemployment benefit accounts. This scheme involves the unauthorized takeover of an existing legitimate unemployment benefit account and redirecting payments by modifying the beneficiary bank account from that of the accountholder to that of the fraudster. This service often includes the victim’s ‘Fullz’ and bank account information, login credentials for the state unemployment benefit website, and email account credentials, among other necessary documents.
To reduce the risk of fraudulent unemployment claims for your employees, consider the following:
About the Author
Mara Gibor is the Director of Threat Intelligence at Q6 Cyber. She leads analyst teams in the collection and analysis of E-Crime intelligence from numerous open and restricted sources.