The content below is directed at state agencies, however is relevant to City of Portland employees. Some of our co-workers, friends and colleagues are on unemployment. Some of our co-workers, friends and colleagues are in Washington State and may be affected.

Also, this is an example of how fraudsters will find ways to exploit any process where they can steal money or information. Are there City of Portland processes that could be similarly attacked? If you have a concern, please contact BTS Information Security so we can provide security expertise and tools.

Massive Fraud Against State Unemployment Insurance Programs

The United States Secret Service has received reporting of a well-organized Nigerian fraud ring exploiting the COVID-19 crisis to commit large-scale fraud against state unemployment insurance programs. The primary state targeted so far is Washington, while there is also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida. It is extremely likely every state is vulnerable to this scheme and will be targeted if they have not been already.

In the state of Washington, individuals residing out-of-state are receiving multiple ACH deposits from the State of Washington Unemployment Benefit Program, all in different individuals’ names with no connection to the account holder. A substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees. It is assumed the fraud ring behind this possess a substantial PII database to submit the volume of applications observed thus far.

This fraud network is believed to consist of hundreds, if not thousands, of mules with potential losses in the hundreds of millions of dollars. The banks targeted have been at all levels including local banks, credit unions, and large national banks.