A few months back, a long-term client of ours left a message that they had "found something and needed to run it by us." When our COO, Bridget and I called back, my heart sank as the client told us how several executives learned they were victims of unemployment claim fraud. Someone had stolen the victims' identities and applied for unemployment benefits. At one point, the client asked, "Did we do something wrong?" The answer is no, they did not do anything wrong.
Fast forward, and at Fortalice, we have seen a 300% increase in client cases, year over year. This advisory serves as a guidebook to help you get ahead of this issue. Unfortunately, the pace of the fraudsters is accelerating. If you find your organization, executives, or employees are a victim of this unemployment insurance fraud, this guide provides steps you can take to maintain resiliency and minimize damages.
According to a Wall Street Journal article, "This year's tax season is bringing an extra surprise to many Americans: the news that they were victims of unemployment-insurance fraud that has topped billions of dollars nationwide." The U.S. Labor Department believes $63 billion may have been paid out due to this type of fraud and other errors since March 2020.
Fortalice Point of View
Profiles of the Fraudsters
1. Insider Threat: In some cases, a current insider or recently displaced employee takes executive data and employee data to file fake unemployment claims.
2. Social Engineers: In other cases, employees have been duped by emails that encourage them to visit a fake government site to fill out information. Once the victim has been duped into providing data, the fraudsters file the fake unemployment claim.
3. Dark Web and Open Web Credential Traders: Much of the recent volume is believed to be the work of professional, Identity-theft crime rings reusing data stolen from prior data breaches such as, but not limited to, Yahoo!, Experian, LinkedIn, Netflix, Capital One, Office of Personnel management, hotel and airline travel sites, and significant healthcare institutions.
Unemployment claims are handled at the State level; each state reports historical levels of filed claims, making it easier for fraudsters to slip through.
Based upon the numerous cases we have handled at Fortalice, we have recommendations on how to best spot, stop, and respond to this type of fraud.
Indications Your Organization Might be a Victim:
Indications Your Executives or Employees Might be a Victim:
The Fortalice Fix
Your company can take a few steps to prepare:
Rapid Crisis response is critical if your executives are impacted.
Create an account team to handle the matter
a. Department of Labor has launched a new site for victims: www.dol.gov/fraud
b. Use the FTC’s IdentityTheft.gov, for step-by-step recovery assistance.
c. U.S. Department of Justice's National Center for Disaster Fraud form is online.
d. File a report online at the FBI's Internet Crime Complaint Center at www.ic3.gov .
For An Impacted Employee:
It is my hope that your organization, executives and employees can avoid being a victim of this scam. Should you have questions or need assistance with any of the guidance above, call us at 877.487.8160 or email us at Watchmen@FortaliceSolutions.com. We stand at the ready to serve.
Be healthy. Be safe. Be well.
Silicon Valley Bank (SVB) was shuttered early this month and had its deposits seized in the largest U.S. bank failure since the 2008 financial crisis. Although it may seem like SVB’s collapse will only impact its direct customers and depositors, it is far more complicated. Like vultures to roadkill, cyber scammers often wait to exploit and target victims after tragedy strikes, or bad news arises. A perfect storm of stress, uncertainty, and urgency for customers and vendors alike during this time can impair someone’s judgement when they click links and open emails they otherwise would ignore or delete. Fortalice has outlined a few different ways cybercriminals social engineer their victims during times of extreme distress and insecurity.
With this Fortalice Solutions' Client Advisory, we hope to provide important takeaways for organizations regarding the usage of conversational ChatGPT, and other, lesser-known AI platforms. While there are some very tangible benefits to ChatGPT, Fortalice believes strongly that there is a need for risk assessments, updated policies, and processes to protect intellectual property and company-sensitive information.