In nearly every situation, it seems criminals and fraudsters have a way of finding new opportunities. With the arrival of the pandemic and available relief through unemployment, organized cybercrime rings rose to the challenge. As a result, as honest Americans line up to collect their rightful unemployment offered through the federal CARES Act, an alarming amount of fraudsters are doing the same. 


While the fraudulent activity is wide-ranging, it is not specifically related to your organization, the payroll industry, or any specific data breaches. In this extraordinary year, we wanted to share an overview of our best practices to help combat the increased volume of fraudulent activity attempting to take advantage of programs that were designed by the Government to help with Covid-19. As such, we also encourage organizations to follow security best practices provided by your local state department of financial services. 

Unemployment Fraud Security Best Practices

  1. Risk Assessments – Conduct periodic risk assessments to determine “confidentiality, integrity, security and availability of the IT infrastructure.”
  2. Audit Trails – Design audit trails to record and respond to cybersecurity events.
  3. Limitations on Data Retention – Develop policies and procedures for the secure disposal of personal identifiable information. 
  4. Access Privileges – Limit access privileges to personal identifiable information and periodically review those privileges. 
  5. Incident Response Plan – Develop a written plan to document internal processes for responding to cybersecurity events.

States Reporting Fraudulent Unemployment Increases

Across the country, at least 11 states have seen a rise in fraudulent unemployment insurance claims. This has led to reports of billions of dollars lost to unemployment fraud COVID-19 has contributed to according to a review of unemployment activity by Bloomberg Government. As a result, alerts have been issued by the FBI and other state departments. Unfortunately, this could impact the contribution rates your business is expected to pay.

The “Cyber Pandemic”

Cybercriminals placed their bets on the large volume of legitimate claims overwhelming state governments trying to process the onslaught. The inability to process the rise in claims works to fraudsters’ benefit as it means less attention is given to each claim, so false claims go through unnoticed. Combine this with personal information available through past data breaches, and it suddenly becomes a very lucrative proposition for cybercriminals.

The CARES Act and PUA

The CARES Act offers $600 additional a week in benefits to recipients, which makes this a very lucrative prospect for fraudsters. The relief is also available for independent workers not usually eligible for unemployment benefits through the Pandemic Unemployment Assistance (PUA) program. Because filing is based on self-attestation, this has increased false claims. It is believed three out of four claims through PUA were fraudulent.

Common Fraud and Organized Fraudsters

The unemployment fraud COVID-19 claims include those small-time criminals who would typically try to tap into the opportunity, in hand with some very serious criminals. One such example includes organized cybercriminals in Nigeria who know how to create fictitious businesses and take over accounts. Crime rings include the Nigerian “Scattered Canary” group, the criminal minds behind common real estate and romance scams. The Scattered Canary group alone has scammed the government out of hundreds of millions of dollars in unemployment insurance throughout 11 states. Run like an actual company, they employ large workforces available to find the most vulnerable states using the dark web to access personal information.

Ongoing Schemes

The schemes used by the fraudsters are so well-organized they actually sell steps on how to scam the government on the dark web. Some common practices include setting up free Gmail accounts to use when filing claims and then having the emails all go to a single email address. In addition, addresses for homes that have recently sold are being used to provide thieves the ability to watch mailboxes and retrieve checks when they are delivered. Fake businesses might be set up in which stolen identities are used to hire a list of employees who are then laid off so they can collect unemployment benefits that go to the fraudsters.

A Breakdown of States

Some of the most notable states targeted by unemployment scams include:

All of these issues combined will likely lead to many taxpayers finding unemployment funds showing up on their tax forms. Your business might also find your unemployment contribution could rise. Stay alert and stay prepared both proactively within your organization and by making sure you have partners who are doing the same.

About The Author

Ingrid Principe

Ingrid is the Content Marketing Manager at Paypro, managing both inbound and outbound marketing initiatives for the company. She has 15+ years’ of extensive marketing communications experience, leveraging brand awareness and strategic partnerships to increase sales revenue for a diverse group of B2B brands.