PS_shutterstock_1874877652.jpg

Last year was one of Bonnie Kent’s most successful ever working as a Realtor in Colorado Springs — so when she found a letter in her mailbox in December notifying her that state unemployment benefits had been approved under her name, the irony wasn’t lost on her.

“The form came to me at my current address under my maiden name,” she told the Business Journal. “I haven’t used my maiden name since 1999.”

Now, two decades later, a fraudster appears to have used Kent’s old surname, along with other personal information, to file a fraudulent unemployment insurance claim through the Colorado Department of Labor and Employment.

Thousands of other Coloradans have had nearly identical experiences as they have become ensnared in a multimillion-dollar unemployment scam targeting both regular unemployment insurance and funds provided by the Pandemic Unemployment Assistance program enacted in March of last year.

“Between PUA and regular unemployment, we’ve paid out about $10 million in fraudulent benefits,” said Cher Haavind, deputy executive director and chief communications officer for the Labor Department, during a virtual press conference held Jan. 14. “And that’s what we reported to the office of the Inspector General, compared to $7 billion that we have not paid out.”

That figure represents around 800,000 fraudulent or potentially fraudulent claims made through the pandemic relief program and roughly 150,000 from the regular unemployment system. The state system seems to have become the primary target for fraudsters this month after PUA benefits expired in December and Congress has worked to extend them into 2021.

Software expansion

Many false claims caught by the state were found due to anti-fraud software that had been used in the federal system for months, but was just installed on the state unemployment system Jan. 10.

Dubbed MyUI+, the software combs through unemployment accounts looking for more than two dozen characteristics that might indicate a fraudulent claim, such as an applicant who is more than 100 years old and may actually be deceased.

During last week’s press conference, Phil Spesshardt, CDLE’s benefits services manager, said the state will also be making use of new biometric software, called ID.me, which uses facial recognition technology to go a step further to verify that the person named on an application is actually the person who submitted it. Spesshardt said that even people who have verified their identity previously will be required to re-verify through the new system.

“That takes a lot of the fraudsters out who really are just counting on systems where they can just go in and enter data,” Spesshardt said.

But while the new systems seem to already be preventing additional millions from going to criminals, they’re also expected to create further delays in distributing funds for people who legitimately need them.

“I think it’s important to note that we are walking a tightrope here,” said Joe Barela, executive director at CDLE, during last week’s update. “We want to get benefits out as quickly as possible to those who need unemployment insurance at this time, but we also want to put the systems in place that protect our funds, our benefits from going out the door to fraudulent claims.”

Barela and his team are urging anyone who has received documentation of a claim they didn’t apply for to fill out a fraud report at cdle.colorado.gov. As of Jan. 14, the department’s call center had fielded calls reporting more than 33,000 suspected instances of fraud, with more expected to follow in coming weeks.

The sheer scale of the unemployment seen since last year raises another question: How is personal data used to defraud the unemployment system falling into the wrong hands to begin with?

Déjà vu

Sergeant Joe Matiatos, supervisor of the financial crimes unit at Colorado Springs Police Department, said that most of the information being used in recent unemployment scams has likely been in circulation for several years.

“My understanding is that with a lot of these breaches that have occurred — whether it’s Equifax or any of the ones where our information has been leaked out there — people can literally go on the dark web and buy that information,” Matiatos said. “One of our suspects we talked to in another unrelated case said it’s like $2.99 and you can get someone’s name, Social Security number — that kind of stuff.”

For Kent, opening her mail last month to find the suspicious documents immediately reminded her of a similar experience she and her husband had several years ago.

“It’s been six or seven years ago now that my husband and I went to file our federal taxes with the IRS, and we found out that we were divorced and living in different states and had multiple children and were refunded — if you added up whoever used his Social Security number and my Social Security number — like $30,000,” she said.

Kent immediately tried calling in to the labor department to report the suspected fraud, but she has been unable to reach anyone. Then she filled out a form she found on the department’s website, but as of Jan. 18, she still had received no response.

A few days after the letter came, she received a US Bank Reliacard with a PIN, which is used to access unemployment funds provided by the government. She changed the PIN, thinking that doing so might prevent her mystery scammer from accessing the funds, but Matiatos said that by the time a Reliacard reaches a victim’s mailbox, the funds in the account it’s tied to have likely already been withdrawn.

“Once that money’s approved, our suspects are seeing that the money is in the account and they’re just taking it out and moving it wherever they want to move it to,” he said.

A tough crime to investigate

As of last week, Matiatos still had 600-700 pending cases of state unemployment fraud on his desk to review, and he’s concerned he’ll never know the identity of any of the criminals ultimately responsible for putting them there.

“Our officers take a lot of reports from citizens that want to report a crime over the phone, but there’s typically not any suspect information,” he said. “They were getting inundated with these calls, and so we started referring people to just go onto our site and report a crime online, which they can do.”

Through CDLE, he has learned that most of the cybercriminals responsible for the recent unemployment fraud in the state live overseas, further complicating any efforts to identify a suspect and build a prosecutable case.

“We talk about scams all the time: ‘Try to identify the scam. Don’t fall for the scam,’” he said. “Unfortunately, as far as I know, there’s no way for us to protect ourselves from these right now.”