The national attention given to recent data breaches, including the theft of personally identifiable information (PII), has highlighted potential issues for the victims of the breaches. Identity theft is one of the more obvious concerns. Breached organizations offer free access to identity protection services, which offer more psychological relief to victims than actual safeguards from identity theft.
Perhaps one of the most underreported vectors to monetize stolen PII is unemployment insurance scams. In fact, identity protection services do next to nothing to stop the improper use of government benefits, including unemployment benefits.
What Is Unemployment Insurance Fraud?
Unemployment insurance fraud, also known as unemployment claims fraud or benefits fraud, is the collection of benefits from unemployment claims filed using false or inaccurate information. According to the Department of Employment Services, unemployment insurance fraud may take several forms, such as the following:
- An individual returns to work but continues to collect unemployment insurance benefits.
- An individual works a part-time job but does not report his or her earnings to the state, thereby collecting more benefits than he or she is allowed.
- An individual performs temporary work while collecting unemployment insurance benefits but does not report the earnings when filing his or her weekly claim.
- An individual holds back information or gives false information to the state unemployment insurance agency.
While unemployment insurance fraud is often perpetrated by individuals on their own account, the proliferation of stolen PII in underground markets opens new doors for criminals looking to commit the fraud using stolen IDs. It is now economically practical for organized crime groups to use unemployment insurance fraud to monetize stolen PII purchased from data breaches and other forms of mass data compromises. More importantly, identity theft victims of unemployment benefits are often left in the dark until they are approached by their human resources department for filing an unemployment claim while still employed, or until the victim actually becomes eligible for the benefits, but a submitted claim is denied.
Recent Cases
In Miami, two brothers were sentenced to more than nine years in prison each and ordered to pay more than $800,000 in restitution after being found guilty of identity theft and unemployment fraud. The investigation kicked off after one of the victims filed a complaint with law enforcement about the unauthorized use of her identity for unemployment benefits. Investigators tracked the IP address used to file the claim back to the brothers, who reportedly used more than 650 personal identities to claim unemployment benefits.
A group of five co-conspirators in Milwaukee and Gary, Indiana, were convicted of executing an identity theft and unemployment insurance fraud scheme resulting in the fraudulent obtainment of $357,420 in unemployment benefits. In a well-calculated fraud scheme, the perpetrators created several fictitious companies and registered both complicit and identity theft victims as employees of the companies, with the end goal of collecting unemployment benefits. One of the suspects, who worked as a certified nursing assistant at a rehabilitation center, used her access to patients to supply the group with identity theft victims.
In Trenton, New Jersey, a resident led a team of three other co-conspirators who perpetrated a fraud scheme that netted more than $180,000 in unemployment benefits. The group leader used two defunct companies with which he was previously associated to submit fraudulent quarterly wage statements to the state. This allowed the group to later file unemployment claims. Two of the co-conspirators unsuccessfully filed unemployment claims using false identities. In an interesting twist, the lead fraudster launched the scheme while serving time for other convictions, including tax refund fraud. He was also able to receive proceeds from the unemployment fraud into his prison account.
Detection in a Digital World
State agencies can use the large volumes of claimant data to accurately identify fraud. Each claimant service encounters data that can be used for analytics. Most of these encounters happen in the online world. The challenge is finding a solution that can scale to cover multiple data sets with speed, accuracy and efficiency. There are numerous analytics that can be performed on the data collected through online customer interactions. The following are some of the analytics that can be run:
- IP Address Analysis: Any organization not scrutinizing the IP address activity of claimants misses out on potentially low-hanging fruit. A single IP address linked to multiple claimants hints at identity theft fraud. At the very least, it deserves to be further investigated. Accordingly, out-of-state and especially out-of-country IP address activity is another red flag.
- Device Fingerprinting: IP address analysis has limitations, since even the less sophisticated bad actors can easily misrepresent their IP address in order to circumvent geolocation fraud detection strategies. A more advanced method of tracking Internet user activity is device fingerprinting. Similar to IP addresses, a single device fingerprint linked to multiple claimants is reason for concern. However, even device fingerprinting is not foolproof.
- Link Analysis: From the perspective of identity theft unemployment fraud detection, link analysis is a powerful technique used to obtain actionable intelligence from the data to which state agencies have access. One of the challenges is maintaining an environment that will let organizations quickly identify relationships between nodes, often in real time or near-real time as new data comes in. As new unemployment insurance claims are submitted, organizations need to resolve entities and discover relationships between new and historical data points.
Fraud management solutions can provide organizations with a single, integrated solution to combat the full life cycle of unemployment insurance fraud. The discussed data analytics techniques are only a piece of the puzzle. The solution is designed to help prevent and intercept attempted fraud while detecting, identifying and building the case against past fraudulent activity and improper payments.
Financial Crimes Intelligence Specialist, IBM