March 25, 2015 By Chad Barnes 4 min read

The national attention given to recent data breaches, including the theft of personally identifiable information (PII), has highlighted potential issues for the victims of the breaches. Identity theft is one of the more obvious concerns. Breached organizations offer free access to identity protection services, which offer more psychological relief to victims than actual safeguards from identity theft.

Perhaps one of the most underreported vectors to monetize stolen PII is unemployment insurance scams. In fact, identity protection services do next to nothing to stop the improper use of government benefits, including unemployment benefits.

What Is Unemployment Insurance Fraud?

Unemployment insurance fraud, also known as unemployment claims fraud or benefits fraud, is the collection of benefits from unemployment claims filed using false or inaccurate information. According to the Department of Employment Services, unemployment insurance fraud may take several forms, such as the following:

  • An individual returns to work but continues to collect unemployment insurance benefits.
  • An individual works a part-time job but does not report his or her earnings to the state, thereby collecting more benefits than he or she is allowed.
  • An individual performs temporary work while collecting unemployment insurance benefits but does not report the earnings when filing his or her weekly claim.
  • An individual holds back information or gives false information to the state unemployment insurance agency.

While unemployment insurance fraud is often perpetrated by individuals on their own account, the proliferation of stolen PII in underground markets opens new doors for criminals looking to commit the fraud using stolen IDs. It is now economically practical for organized crime groups to use unemployment insurance fraud to monetize stolen PII purchased from data breaches and other forms of mass data compromises. More importantly, identity theft victims of unemployment benefits are often left in the dark until they are approached by their human resources department for filing an unemployment claim while still employed, or until the victim actually becomes eligible for the benefits, but a submitted claim is denied.

Recent Cases

In Miami, two brothers were sentenced to more than nine years in prison each and ordered to pay more than $800,000 in restitution after being found guilty of identity theft and unemployment fraud. The investigation kicked off after one of the victims filed a complaint with law enforcement about the unauthorized use of her identity for unemployment benefits. Investigators tracked the IP address used to file the claim back to the brothers, who reportedly used more than 650 personal identities to claim unemployment benefits.

A group of five co-conspirators in Milwaukee and Gary, Indiana, were convicted of executing an identity theft and unemployment insurance fraud scheme resulting in the fraudulent obtainment of $357,420 in unemployment benefits. In a well-calculated fraud scheme, the perpetrators created several fictitious companies and registered both complicit and identity theft victims as employees of the companies, with the end goal of collecting unemployment benefits. One of the suspects, who worked as a certified nursing assistant at a rehabilitation center, used her access to patients to supply the group with identity theft victims.

In Trenton, New Jersey, a resident led a team of three other co-conspirators who perpetrated a fraud scheme that netted more than $180,000 in unemployment benefits. The group leader used two defunct companies with which he was previously associated to submit fraudulent quarterly wage statements to the state. This allowed the group to later file unemployment claims. Two of the co-conspirators unsuccessfully filed unemployment claims using false identities. In an interesting twist, the lead fraudster launched the scheme while serving time for other convictions, including tax refund fraud. He was also able to receive proceeds from the unemployment fraud into his prison account.

Detection in a Digital World

State agencies can use the large volumes of claimant data to accurately identify fraud. Each claimant service encounters data that can be used for analytics. Most of these encounters happen in the online world. The challenge is finding a solution that can scale to cover multiple data sets with speed, accuracy and efficiency. There are numerous analytics that can be performed on the data collected through online customer interactions. The following are some of the analytics that can be run:

  • IP Address Analysis: Any organization not scrutinizing the IP address activity of claimants misses out on potentially low-hanging fruit. A single IP address linked to multiple claimants hints at identity theft fraud. At the very least, it deserves to be further investigated. Accordingly, out-of-state and especially out-of-country IP address activity is another red flag.
  • Device Fingerprinting: IP address analysis has limitations, since even the less sophisticated bad actors can easily misrepresent their IP address in order to circumvent geolocation fraud detection strategies. A more advanced method of tracking Internet user activity is device fingerprinting. Similar to IP addresses, a single device fingerprint linked to multiple claimants is reason for concern. However, even device fingerprinting is not foolproof.
  • Link Analysis: From the perspective of identity theft unemployment fraud detection, link analysis is a powerful technique used to obtain actionable intelligence from the data to which state agencies have access. One of the challenges is maintaining an environment that will let organizations quickly identify relationships between nodes, often in real time or near-real time as new data comes in. As new unemployment insurance claims are submitted, organizations need to resolve entities and discover relationships between new and historical data points.

Fraud management solutions can provide organizations with a single, integrated solution to combat the full life cycle of unemployment insurance fraud. The discussed data analytics techniques are only a piece of the puzzle. The solution is designed to help prevent and intercept attempted fraud while detecting, identifying and building the case against past fraudulent activity and improper payments.

More from Government

NIST’s security transformation: How to keep up

4 min read - One thing that came out of the pandemic years was a stronger push toward an organization-wide digital transformation. Working remotely forced companies to integrate digital technologies, ranging from cloud computing services to AI/ML, across business operations to allow workers to keep up high production and efficiency standards. Now that businesses and consumers have adjusted to the new normal of digital transformation, it is time to develop a security transformation strategy. Coping with the speed of change A constantly evolving tech…

Cyber experts applaud the new White House cybersecurity plan

4 min read - First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the White House’s Office of the National Cyber Director (ONCD). Cybersecurity experts have applauded the Administration’s plan as well as the new implementation calendar. For example,…

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today