Suburban police departments are being flooded with reports of fraudulent unemployment benefit claims: ‘It doesn’t make a lot of sense.’
River Forest resident Joe Marrazzo phoned his local police department this week to file a report, even before he had a chance to explain his problem, the dispatcher swiftly interjected: “Is this about a fraudulent unemployment benefits claim?”
“I was already on the lookout when this happened to me, because it had already happened to my mother and brother,” said Marrazzo, 49, a video editor who is among the more than 350,000 individuals across Illinois whose personal identities have been used for fraudulent unemployment claims in the wake of the COVID-19 pandemic.
“What’s really crazy is, this is happening to everyone, so why have we not heard more about this?” Marrazzo added.
Since the beginning of the pandemic, suburban Chicago law enforcement officials say their departments have been bombarded with surging numbers of fraudulent unemployment benefit reports. At times, they are fielding dozens of nearly identical calls from frustrated residents in a single day. In some suburbs, the number of reports taken since March now stands in the hundreds.
In most cases, the target discovers the scam when their employer alerts them that a claim has been filed in their name despite still being employed. A letter then arrives from the state detailing the unemployment benefits, and often times, a debit card is included in the mailing.
The investigation into the spiraling number of fraudulent claims is being handled by the Illinois Department of Employment Security, a state agency already overwhelmed by a record number of legitimate unemployment compensation claims filed by workers who have lost their jobs during the pandemic.
On Friday, Attorney General Kwame Raoul announced the launch of a task force that will give federal, state and local law enforcement organizations the ability to share resources. The task force will include the state’s Department of Employment Security (IDES), State Police and Department of Revenue, along with the U.S. Department of Labor Office of Inspector General and the IRS.
Yet despite the surge in fraudulent claims in recent months, officials at the IDES said the state has “no reason to believe any of its systems have been hacked or breached.”
“IDES is not the source nor the cause of this nationwide identity theft unemployment fraud,” spokeswoman Rebecca Cisco said, adding that the source of the fraud can likely be attributed to large corporate data cyber hacks.
She cited the 2017 hacking of Equifax, which houses personally identifiable information of those who have applied for lines of credit, loans and other services that require sensitive personal information to be provided.
“That personal information was not secured tightly enough and resulted in fraudsters getting ahold of it who are now using it to apply for, and gain access to, benefits for which they are not eligible,” Cisco said.
IDES, and all other state unemployment agencies across the country, “are victims of the widespread unemployment fraud happening right now,” Cisco said.
She said the unemployment systems are a channel through which fraudsters attempt to steal federal dollars.
“Most importantly, it is taking away the time and resources of the department and its employees which would be better served to help legitimate claimants gain access to benefits for which they are eligible to receive while continuing the work required to administer state and federal unemployment programs,” Cisco said.
What’s to gain?
As IDES officials scramble to field reports from Illinois workers whose personal information was used fraudulently, perhaps most puzzling to law enforcement is the motive behind these cybercrimes, as there appears to be little to no financial gain by the perpetrators, nor any losses to victims.
Both law enforcement and cybercrime experts alike warn that the long-term consequences of the pandemic-era fraudulent claims is perhaps yet to be seen, and could have potentially serious implications for both identity theft victims and government agencies down the road.
Evanston Police Cmdr. Brian Henry said it’s not uncommon for the department to receive nearly a dozen reports of unemployment fraud from local residents in a single shift, with the spiking number of victims recently including members of the city’s own police department.
“There are no losses to any of the victims, and no rhyme or reason to these crimes, but it almost makes me believe they have everyone’s information,” Henry said.
The Winnetka Police Department received 214 reports from residents during the past six months whose personal information was used for fraudulent unemployment claims, Winnetka Police Chief Marc Hornstein said.
“We’re not aware of any financial losses to residents ... it’s almost as if it’s an invisible crime, and we’re waiting for the other shoe to drop, because I don’t think we’ve seen part two of this,” Hornstein said.
In nearby Northfield, with a population of 5,500, the village’s police department has recorded nearly 100 fraudulent unemployment reports in the past six months, far surpassing other types of identity theft scams.
Sgt. Michael Hutensky said police are advising residents to report the fraud to IDES, and suggesting that they sign up for credit monitoring.
“The puzzling aspect to this type of fraud is we don’t know what the upshot is, and it doesn’t make a lot of sense,” Hutensky said.
Despite having 223 documented incidents of IDES fraud reported in Wilmette since Oct. 1, police have not heard from any victims who suffered a financial loss, Wilmette Police Chief Kyle Murphy said.
In addition to reporting the fraud to IDES, Murphy said victims are also urged to contact one of three major credit bureaus — Experian, TransUnion and Equifax — to place a fraud alert and check their credit report for fraudulent activity.
The Federal Trade Commission also provides recommendations for victims of fraudulent unemployment benefit claims on its website.
“I think the main concern I’m hearing from residents is they’re wondering, ‘is there now the potential for future fraud using their identities?’” Murphy said.
A troubling trend
The rash of fraudulent unemployment claims across the country is troubling to Thomas Hyslip, a cybercrimes expert and former federal law enforcement officer with the U.S. Department of Defense.
“It seems to me, that this could be an effort to cause mayhem to unemployment programs at state agencies across the country,” said Hyslip, an instructor in the Criminology Department at the University of South Florida.
Hyslip said the recent international hacking incident targeting SolarWinds software is one example of how sophisticated cybercriminals can successfully execute a massive security breach compromising the personal information of legions of employees at both public and private organizations.
“State systems use the same network, which is like the same backbone, and when someone hacks into one system, they can move laterally to the next,” Hyslip said.
“Unfortunately with the SolarWinds hacking, right now we’re probably only seeing the tip of the iceberg, and it’s going to take years to clean up this mess,” Hyslip said.
A spokeswoman for the Illinois Information Security Division said state officials are, “aware and monitoring the potential breach with SolarWinds,” a software targeted in a recent incident federal officials attributed to Russian hackers. The massive data breach purportedly aimed at destabilizing both public and private organizations.
“The state does use SolarWinds, but our systems have not been impacted,” spokeswoman Jennifer Jessen Schultz said.
In a statement on the SolarWinds website, officials at the Austin, Texas-based company said, “SolarWinds was the victim of a cyberattack to our systems ... This attack was a very sophisticated supply chain attack, which refers to a disruption in a standard process resulting in a compromised result with a goal of being able to attack subsequent users of the software.”
A history of scams
But nearly a century before cybercriminals were hacking into IT systems with malevolent intent, bad actors were exploiting workers by perpetrating scams during national crises in America, including the Great Depression.
“It strikes me that these fraudulent unemployment claims are another classic example of some folks looking to take advantage of workers during a chaotic moment in our history — the COVID-19 pandemic” said Robert Bruno, a professor and director of the Labor Education Program at the University of Illinois at Chicago.
Bruno said common Depression-era grifting schemes included offering the unemployed day jobs, then failing to pay the worker any wages once the tasks were completed, or promising riches with Ponzi-like scams that demanded an investment upfront.
“During bad economic times, there are always those who will exploit workers who are feeling desperate, and with the unemployment fraud, they’re clogging up the system and creating additional work for the state,” Bruno said. “They’re also making the victims fearful that their personal information has been exposed, and forcing them to spend their personal time tracking all of this down.”
The personal impact
Such was the case for Chicago resident Evelyn Lauer, a high school teacher and mother of two, who discovered last September that a fraudulent unemployment claim had been filed in her name.
“When I opened the letter from IDES, I was like, ‘What the heck is this? I’ve never filed for unemployment in my life, and I’ve been at the same school district for more than 20 years,’” Lauer said.
While Lauer immediately reported the fraud to IDES as recommended, and assumed the matter was resolved, she recently received a second letter from the state confirming a request for unemployment benefits in her name.
“I’m really annoyed, because how is this happening twice?” Lauer said. “It seems like the state’s system must be really backward and disorganized, and I’m really frustrated, because I can’t get anyone from IDES on the phone.”
Tracy Syslo, who works in human resources at a Schaumburg insurance company, said like Lauer, she has also been a victim of unemployment fraud a second time, and has not incurred any financial losses.
“Luckily, I work in HR, so my colleague asked me, ‘Did you apply for unemployment?’ and I was very aggressive about getting this resolved,” Syslo said.
Syslo, who said she promptly filed a fraud report with the state in November, 1/4 n was shocked when her company’s HR department recently received a second unemployment filing in her name.
“I’m monitoring my credit, because I know all of my personal information is out there now,” Syslo said. “I think whoever is behind this must be trying to create chaos and make everyone panic.”
Twitter @kcullotta
