With Phase 2 of new federal unemployment benefits set to release next week, thousands of claims will be placed by Coloradans, who’ve been waiting months after CARES act funding expired, or they were unable to access their accounts, due to Colorado Department of Labor revamping its system (new MyUI+) and waiting for guidance from the U.S. Department of Labor.
But not all claims are what they seem to be. During the pandemic, fraudulent claims, as well as instances of identity theft and fraud, have also been on the rise, with scammers seeking to capitalize and breach on personal data, including Social Security numbers, birth dates, among other personal information.
In recent months, Colorado residents have received a 1099-G tax form, even without filing a claim and requesting benefits, meaning someone else likely used their information. Some have even been sent U.S. Bank ReliaCards despite not filing a claim.
A USA Today reporter interviewed an unemployment scammer for a December story. Mayowa, as he’s referenced in the article and from Nigeria, said he pays $2 in cryptocurrency for the hacked data. With a compiled list of real people, he links a name to a Social Security number and a date of birth, and from there, has all the information needed.
Mayowa has reportedly made $50,000 since the pandemic began, and represents a portion of the many millions that have been siphoned throughout the pandemic (Colorado has paid out more than $6 million to fraudsters, though nearly $7 billion has been paid out to actual claims). There’s been 1.1 million fraudulent claims since 2020. With systems in place, states have been able to place holds on accounts filing those false claims.
Data breaches — including with Equifax in 2017, and SolarWins and Sonicwall more recently — have exposed much of the personal data associated with the American people. It’s one way scammers have been able to access hoards of data — and through the black web — to now capitalize during the pandemic.
Reversing course and recommendations
In addition to placing the majority of the fraudulent claims on hold, the state has hit back in its attempt to recoup the losses and add increased mitigation measures to prevent further pay out. CDLE’s ID.me verifies an individual’s identity — in any of three different ways — and has become an element for the state to combat the wrongful claims since the program’s introduction in January. Built-in anti-fraud measures are helping, too, as the state now has upwards of 50 ways a hold can be placed on an unemployment claim. The fraud indicators have helped CDLE track down the unsubstantiated claims.
In November, after UI claims spiked dramatically, CDLE conducted a fraud review, concerned with the jump in claims. CDLE reported that scammers found a way to avoid safeguards that were in place, allowing them to make the unwarranted claims.
Colorado Attorney General Phil Weiser in January issued an advisory, warning Coloradans about potential COVID-19 vaccine scams.
“We are committed to ensuring the medical safety and security of all Coloradans,” Weiser said in a statement. “As such, we will take seriously the sale or advertising of fake COVID-19 vaccinations and we will bring legal action against those who engage in such illegal conduct.”
Weiser’s office urged the public to not respond to unsolicited calls, text and emails or pay for a COVID-19 vaccine (an offer to “sell” the COVID-19 vaccine is a scam). Relying on unreliable claims from strangers on COVID-19 vaccine availability is also to be avoided.
The state also had to reverse some of the holds it had placed on accounts who triggered the hold when trying to secure unemployment claims, though it represents a small portion of people that were affected. The department recommends calling to prove identity so the hold can be reversed.
The trend nationwide hasn’t been any better. The U.S. Department of Labor previously reported, as of November, that $36 billion has been paid to fraudsters. With new implementations in place, states have been able to prevent further payments each month, though, since the start of the pandemic.
This has been helped by states adding more people to its call center, including in Colorado.
Securing your data and taking action
Despite mitigations set in place by the state to continue to crack down on scammers, the state expects the trend will continue, a CDLE spokesperson said in a January update. It’s why it recommends those who have received either a U.S. Bank ReliaCard or 1099-G tax form to file an invalid 1099-G tax document with CDLE (co.tfaforms.net/f/Report_Invalid_109), or a fraud report if no claim for unemployment benefits was made.
People can also report identity theft at identifytheft.gov, or can contact the three credit bureaus — Equifax, Experian and Transunion — and place a fraud and identity theft alert on their name and Social Security number. The U.S. Bank ReliaCard can be deactivated by calling 1-855-282-6161.
It’s also encouraged to not click links in strange emails, one where the sender is requesting something urgently, or sends the email at an unfamiliar time with an unfamiliar address. In some cases, phone calls will say a warrant for an arrest is urgent if a certain action isn’t taken, a scheme devised by scammers to increase urgency from the victim and deliver personal information.
CDLE also recommends regularly reviewing credit reports, which are free at annualcreditreport.com through April, from the credit bureaus, and also says to create a file to keep records relating to identity theft in one place, in the event there is a notification of further fraud or breaches of personal information.