The US Department of Labor’s Office of the Inspector General estimated in a November report that schemes targeting pandemic unemployment payments represented approximately $36 billion in losses through November 2020.
According to Michele Evermore, a policy analyst at the National Employment Law Project, "a failure to move quickly combined with the ingenuity of the scammers has allowed the fraud to continue rippling across the country, which contributed to delays in payments to out-of-work Americans."
The Department of Labor, the FBI and the Secret Service say that they are working to uncover fraud, filling in gaps in identity verification systems and recover millions in fraudulent payments.
California officials recently announced they suspect as much as $2 billion was paid out in improper payments. However, some are calculating that number as high as $8 billion. At least 35,000 unemployment claims have been fraudulently made on behalf of prison inmates between March and August, costing the state $140 million in paid out benefits according to officials.
Other states have reported lower losses: $242 million in Massachusetts, $200 million in Michigan, $18 million in Rhode Island, $8 million in Arizona and $6 million in Wisconsin.
A newly released audit of Washington state found that through the end of June, the Employment Security Division (ESD) had lost $600 million dollars to Nigerian scammers, and recovered only about $250 million. ESD said more has been recovered since June for a current total of $357 million. Original estimates placed the loss at possibly close to $1 billion, but a large amount of the difference was recovered when it was detected.
The audit found ESD had deliberately bypassed the waiting period for benefits to get checks out faster. That action was taken by ESD director Suzie LeVine at the urging of Democrat Governor Jay Inslee. LeVine was a political appointee of Inslee’s who had been a donor to his campaign.
LeVine admitted that fraud was happening at ESD before the coronavirus pandemic struck Washington in March, and yet did not take actions to fix the known flaws.
The Nigerian Fraud ring called “Scattered Canary,” used information of Washington residents from previous data breaches. Due to the rush to get payments out, ESD did not have enough time to verify claims before sending payments. "It was ripe for exploitation" according to security experts.
Usually 5,000 to 7,000 new, or “initial,” claims are filed a week in Washington. But starting in March, as Inslee’s mandated lockdowns shut down the economy, those claims spiked to a peak of 181,975 initial claims in a single week. By late April, the state had taken in around 860,000 initial claims, overloading its website and call center.
Within two weeks of receiving the funding from the CARES Act $600 million had been stolen from the fund, which totaled roughly 8 percent of the $8.6 billion paid over the summer. The state had to stop all payments for days while it investigated what was happening. Since March, the state has identified over 122,000 fraudulent claims.
USA Today interviewed one of those scammers who hit not just Washington, but some of the other states as well. Mayowa, an engineering student in Nigeria, estimated he’s made about $50,000 since the pandemic began. He told Nick Penzenstadler at USA TODAY "that after compiling a list of real people, he turns to databases of hacked information that charge $2 in cryptocurrency to link that name to a date of birth and Social Security number. Mayowa said he is successful about one in six times he files a claim."
According to USA Today, Mayowa and his crew of foreign scammers focused in November on Hawaii, Florida and Pennsylvania. The paper noted that "…in addition to the crushing volume of legitimate claims during COVID-19 and public pressure to speed up payments, mobile banking apps and prepaid debit cards issued by some state unemployment offices paved the way for fraud this year," according to security experts.
Penzenstadler wrote that "…the step-by-step playbook the scammers follow is shared on Telegram, an app that provides cloud-based anonymous messaging and acts as an internet bulletin board of tips and questions."
In September, the US Labor Department gave $100 million to be used by states to combat fraud. Federal prosecutors have tracked down a US residents who help carry out the schemes called "threat actors" and "money mules." Scammers require real people to file their fake unemployment claims. These people knowingly, and sometimes unknowingly help launder money by opening bank accounts or online debit card accounts.
According to the Spokesman Review, "Washington’s unemployment system missed potential red flags, including payments to out-of-state banks and the use of suspicious email accounts, according to security experts. All of that happened despite a $44 million software upgrade at ESD that was supposed to help detect such fraud." Thousands of Washingtonians have still not received their unemployment checks since the beginning of the economic crisis.
Spokesman Will Gomberg told USA Today that the Illinois Department of Employment Security has stopped over 341,000 claims due to identity theft since March 1.
Experts told USA Today that fraudsters launder the money through online accounts and people with legitimate US bank accounts. "That not only obscures the scammer’s identity but makes it harder for the government to detect the fraud and recoup funds. Mobile banking and other online money-transfer apps allow access to accounts without anyone appearing in person and offer debit cards that are easily moved on the black market."
LeVine told USA TODAY that scammers used "Green Dot accounts to transfer funds in bulk in the Washington fraud. Mayowa, the scammer in Nigeria, told the paper that fraudsters also use Venmo, PayPal, Cash App and Walmart2Walmart to extract funds."
"Once those funds go to a Green Dot account, they’re often transferred through a series of movements into mules based in the US probably, then moved offshore in two to three hops," Armen Najarian, chief identity officer of Agari, a security firm told the paper.
Three states that declined to share their numbers–Oregon, Tennessee and West Virginia–issued identical statements to USA TODAY, saying they "cannot discuss details involving ongoing fraud prevention tactics, investigations, or the scope of potentially fraudulent activity." USA TODAY noted that those states belong to the same lobby organization, the National Association of State Workforce Agencies.