Phishing Schemes on the Rise as Federal Unemployment Programs Approach September Expiration

Fraudulent Texts, Emails, Social Media Messages Among Correspondence to Unsuspecting Victims

The Illinois Department of Employment Security (IDES) is urging Illinoisans to be on high alert for phishing schemes that may be leading to identity theft as international bad actors continue to attempt to exploit unemployment systems across the country. Fraudulent text messages, emails, and social media messages, posing as IDES and other state agencies and constitutional offices, are being sent to individuals in an attempt to phish for personally identifiable information (PII) and other data. This is a continued, organized attempt to defraud state unemployment insurance systems until the expiration of the federal unemployment programs on September 4, 2021.

It is imperative that claimants and the public at large remain vigilant to detect fraudulent correspondence. The Federal Trade Commission (FTC) has provided steps individuals should follow to recognize and avoid phishing schemes. Individuals should also take steps to strengthen and protect online account information. IDES claimants should maintain strong, unique passwords to their accounts, and never share personal account information with untrustworthy sources.

Since March 2020, IDES has shut down more than 1.7 million claims filed with the Department in the names of identity theft victims. Throughout the pandemic, these organized and sophisticated crime syndicates have continued to adapt and evolve their attempts to access the unemployment insurance system. IDES has worked tirelessly to enhance internal analytic tools, fraud detection and prevention methods, and identity verification measures to increase protections around fraudsters accessing the system and filing fraudulent claims. Last week alone, the State of Illinois and IDES networks blocked nearly 450 million nefarious attempts to access the Department’s benefit system, either to file a fraudulent unemployment insurance claim or to compromise an existing claimant account to redirect payment.

Illinois is among the states who have committed to administering the federal unemployment insurance programs until their expiration in September to ensure those who are struggling receive the benefits they eligible for under federal law. These programs include Pandemic Unemployment Assistance (PUA), Federal Pandemic Unemployment Compensation (FPUC), and Pandemic Emergency Unemployment Compensation (PEUC). As expected, fraudsters are increasing their attempts to access the unemployment insurance systems in states who have not opted out of administering these programs early. This is being done through continued data mining via phishing schemes to attempt to file claims in the names of identity theft victims or steal benefits from existing claimants.

Identity theft-related unemployment insurance fraud has been rampant nationwide since the onset of the pandemic as a result of the wide-scale availability of PII and the creation and extensions of the federal unemployment insurance programs – PUA, FPUC, and PEUC. Large corporate data breaches and cyber hacks (e.g. Equifax data breach in 2017 which compromised the PII of nearly 150 million; Yahoo data breach in 2014 which compromised the PII of nearly 3 billion; Target data breach in 2013 which compromised the PII of nearly 110 million) have exposed and compromised the PII of millions of victims, resulting in organized fraudsters taking advantage of this information and using it to capitalize monetarily during a time of crisis.

If you have been the victim of identity theft-related unemployment insurance fraud, visit the IDES fraud webpage for information about how to report the claim.