Spike in Unemployment Benefits Fraud: What Employers Should Do

By: James Harrison November 18, 2020

In the wake of the ongoing COVID-19 pandemic, there has been an explosion of unemployment insurance fraud nationwide. Millions of employees are at risk of identity theft and losing future unemployment benefits due to fake claims being filed in their name. Employers have a responsibility to respond quickly to fraudulent unemployment claims and help employees whose personal information has been stolen.

FBI Issues Warning

The FBI alerted employers in July about the sudden rise in fraudulent unemployment claims using stolen identity information. According to the agency, “Criminals obtain the [employee’s] stolen identity using a variety of techniques, including the online purchase of stolen personally identifiable information, previous data breaches, computer intrusions, cold-calling victims while using impersonation scams, email phishing schemes, physical theft of data from individuals or third parties, and from public websites and social media accounts, among other methods.”

Identity fraud typically makes up about 3 percent of all unemployment claims annually according government audits. But since the Pandemic Unemployment Assistance program was announced, the uptick in fraudulent claims filed on behalf of current, active employees has skyrocketed. Here are just a few examples:

  • Illinois identified more than 200,000 counts of unemployment insurance fraud since March.
  • Georgia found more than 130,000 false claims filed in July.
  • Maryland announced 47,000 fraudulent claims had been uncovered in early July.
  • Washington State has turned up nearly 87,000 impostor cases since March.
  • Colorado found that 77 percent of Pandemic Unemployment Assistance claims were faked.
  • In October, Arizona revealed it had flagged over 3.4 million potentially fraudulent claims.

The Spike in Employee Identity Theft

These massive increases in unemployment benefit fraud are indicative of an overall wave of various forms of identity theft and financial scams related to the pandemic this year. The message to HR and executive management is that a growing number of your current employees may already be victims of identity theft but don’t know it. Employees may only learn they are victim to identity theft when they themselves receive a letter approving their claim for unemployment benefits—which they never filed.

Making things more complicated, some companies are seeing a surprisingly large number of claims filed on behalf of active employees, which may be evidence of something far worse – a possible internal data breach of employee information.

What Employers Can Do

While there is no magic solution to this problem, here are a few things employers can do to reduce risk:

  1. Make employees aware. Let employees know right now about the spike in fraudulent claims and identity theft. Ask them to report fraudulent benefits claims to HR as soon as they learn about them. Employers should also educate employees generally about how to protect themselves from identity theft.
  2. Be alert. It is important for employers to carefully monitor and confirm the legitimacy of all unemployment benefit claims.
  3. Notify employees quickly. If the named applicant is a current employee, the claim is likely fraudulent, and the employee should be notified that they have a possible identity theft problem. If it is a former employee, the employer should contact them to confirm whether they filed the claim.
  4. Contest the claim. Employers have a limited window in which to protest unemployment claims. Be sure to contest any fraudulent claims by the deadline.
  5. Report the fraud. The employer and the affected employee should notify the state unemployment benefits agency of the fraudulent claim. State reporting websites and tip hotlines are listed here: https://www.dol.gov/general/maps/fraud
  6. Notify the data breach team. A fraudulent claim is not necessarily a sign of a security breach. But organizations should work proactively to ensure adequate security measures are in place to safeguard sensitive personal information for customers and employees alike.
  7. Address employee identity theft. A fake unemployment claim is a sign that an employee’s personal information is in the hands of cybercriminals. With 1 in 4 people suffering from identity theft, employers should consider providing identity protection as an employee benefit. The iDefend Employee benefit plan from INVISUS makes it simple and affordable to provide this important protection as an employee perk.

What Employees Can Do

There is no way to guarantee employees will not become a victim of this fraud, but here are several things employees can do to minimize the risk, stop the fraudulent claim, and prevent further identity theft damages.

  1. Report any claim notices. Employees who receive a falsified unemployment claim letter should immediately alert their employer and report it to the state unemployment agency. Any employee who receives a benefit debit card in the mail should destroy it and not active it.
  2. Practice good cyber-hygiene. Create strong passwords and don’t use the same one in multiple accounts. Watch out for phishing emails, spam calls, or text messages and websites that ask for account ID’s, passwords and other personal information (like employer name and address, date of birth or Social Security number).
  3. Monitor personal accounts. Review credit card and bank statements for suspicious activity. Monitor your credit profile and review your credit report often. Free copies of credit reports are available from all Experian, Equifax and TransUnion. (See AnnualCreditReport.com for more information.)
  4. Be careful what you publicize. Don’t post personal information such as city, home address and employment information on social media. Check and update the privacy settings for your online accounts and apps to avoid sharing information that attackers can use to piece together an identity profile.
  5. Enroll in identity theft protection. Proactively monitor for identity theft activity by enrolling in an identity protection plan such as iDefend, either directly or through an employee benefit plan.