Experts Blog

Fortalice Client Advisory: Unemployment Fraud
April 13, 2021

Fortalice Client Advisory

From the Desk of the CEO, Theresa Payton

A few months back, a long-term client of ours left a message that they had "found something and needed to run it by us." When our COO, Bridget and I called back, my heart sank as the client told us how several executives learned they were victims of unemployment claim fraud. Someone had stolen the victims' identities and applied for unemployment benefits. At one point, the client asked, "Did we do something wrong?" The answer is no, they did not do anything wrong.

Fast forward, and at Fortalice, we have seen a 300% increase in client cases, year over year. This advisory serves as a guidebook to help you get ahead of this issue. Unfortunately, the pace of the fraudsters is accelerating. If you find your organization, executives, or employees are a victim of this unemployment insurance fraud, this guide provides steps you can take to maintain resiliency and minimize damages. 

According to a Wall Street Journal article, "This year's tax season is bringing an extra surprise to many Americans: the news that they were victims of unemployment-insurance fraud that has topped billions of dollars nationwide." The U.S. Labor Department believes $63 billion may have been paid out due to this type of fraud and other errors since March 2020.

Photo credit:, Markus Winkler

Fortalice Point of View

Profiles of the Fraudsters

1. Insider Threat: In some cases, a current insider or recently displaced employee takes executive data and employee data to file fake unemployment claims.

2. Social Engineers: In other cases, employees have been duped by emails that encourage them to visit a fake government site to fill out information. Once the victim has been duped into providing data, the fraudsters file the fake unemployment claim.

3. Dark Web and Open Web Credential Traders: Much of the recent volume is believed to be the work of professional, Identity-theft crime rings reusing data stolen from prior data breaches such as, but not limited to, Yahoo!, Experian, LinkedIn, Netflix, Capital One, Office of Personnel management, hotel and airline travel sites, and significant healthcare institutions.

Unemployment claims are handled at the State level; each state reports historical levels of filed claims, making it easier for fraudsters to slip through.

Based upon the numerous cases we have handled at Fortalice, we have recommendations on how to best spot, stop, and respond to this type of fraud.

Photo credit:, Josh Frenette

Red Flags 

Indications Your Organization Might be a Victim:   

  1. Notice(s) from a state unemployment division naming a claim for unemployment benefits for employees that have never worked for you.
  1. Unemployment claims for current staff that is working and have not been terminated or furloughed.
  1. Your employees are notified they received unemployment benefits, but they did not file for them.
  1. Your employees submit their tax returns or apply for unemployment benefits and find out there is a previously filed fraudulent claim.
  1. You begin to receive fees and statements involving claims for unemployment insurance filed.
  1. Unsolicited phone calls, emails, and U.S. mail inquires related to unemployment benefits.

Indications Your Executives or Employees Might be a Victim:    

  1. Receiving old school mail about an unemployment claim or payment made when the person did not file.
  1. A 1099-G tax form is received in the mail with unemployment benefits, but the person is still working. 

The Fortalice Fix

Photo credit:, Mateus Campos Felipe

Your company can take a few steps to prepare:

  1. Proactive threat hunting for your executive team – include using search services such as Have I have Been Pwned or Leak Peek Cyber News;  
  1. Use variations of full names and nicknames and personal and work email addresses
  1. Consider seeking permission to proactively enact credit freeze requests on behalf of your executive team at all three credit bureaus
  1. Remind executives and employees that they are entitled to a free credit report per year from each of the three credit bureaus (Equifax, Experian, Transunion) through or by phone at 1- 877-322-8228.

Rapid Crisis response is critical if your executives are impacted.

Create an account team to handle the matter

  1. Contact your executive's state unemployment office and report the fraud (Be aware that some victims may have fraudulent filings in multiple states). 
  1. Fill out Form 14039 for the executive with the IRS:
  1. Consider freezing their credit file at all three reporting agencies
  1. Report the unemployment fraud to various agencies:

a. Department of Labor has launched a new site for victims:  

b. Use the FTC’s, for step-by-step recovery assistance. 

c. U.S. Department of Justice's National Center for Disaster Fraud form is online. 

d. File a report online at the FBI's Internet Crime Complaint Center at . 

For An Impacted Employee:

  1. Make sure they are aware that the FTC has a website that can assist at The site guides victims through the process of enacting a free, one-year fraud alert on their credit and closing fraudulent accounts opened in their name. The victim can request an FTC Identity Theft Report to use to clear fraudulent information from their credit reports.
  1. Department of Labor site has assistance for victims:  
  1. The victim may want to file an identity theft report with his/her local police department.
  1. The victim should also file a Form 14039 with the IRS:

It is my hope that your organization, executives and employees can avoid being a victim of this scam. Should you have questions or need assistance with any of the guidance above, call us at 877.487.8160 or email us at We stand at the ready to serve.

Be healthy. Be safe. Be well.

Theresa Payton


Let's Talk
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.