What the scammers are trying to get people to do is plain and simple: they want victims to click on a link to “make necessary corrections” to their unemployment insurance (UI) claim, “verify” their personal information, or “reactivate” their UI benefits account.
Once you click on the link, you’re taken to a fake state workforce agency (SWA) website. If you input your website credentials and personal information -- like your Social Security number -- then scammers can use the information to file fraudulent UI benefits claims under your name or steal your identity.
Tim Sadler, CEO of email security firm Tessian, told ConsumerAffairs that people need to be aware of how the information they share online can be used against them.
“It’s also important to be skeptical of emails asking you to click links and disclose personal information. The rule of thumb? Don’t click on anything unless it’s from a legitimate source - you can look for the .gov URL - and check that the sender’s email domain matches the sender’s name,” he said.
How low will they go?
Sadler said he’s seen everything over the course of the pandemic, including fake websites and domain-spoofing around stimulus payments and vaccines. To him, it’s no surprise that fraudsters would stoop as low as trying to con an unemployed person out of their unemployment check.
“Scammers will often register new domains so that they can lure people to a webpage after they’ve clicked a link in a phishing email. The fake websites, as outlined by the Department of Justice, follow this tried-and-true method, duping people into thinking they are applying for unemployment benefits when, in reality, they are disclosing sensitive information that can help bad actors commit wire transfer fraud or identity theft,” Sadler said.
To identify their targets, Sadler said bad actors will often turn to LinkedIn -- which has already been proven to be vulnerable this year -- and social media posts. While LinkedIn may sound like an unlikely place to go victim-hunting, Sadler cited a recent report from Tessian showing that 93% of people share job updates online.
“While it’s common for people to let their networks know that they’ve been laid off and are looking for jobs, they are also unknowingly giving cybercriminals the information they need to craft these types of social engineering attacks,” Sadler said.
“Bad actors are also capitalizing on the fact that people are turning to the internet to seek answers and support during this time. Fraudulent websites are designed to trick people while capitalizing on their uncertainty, banking on them prioritizing convenience over security.”
The FTC is on your side
The FTC is serious about taking these fraudsters down, but they need consumers to help out. If you see or receive a text message or email that looks suspicious, you can report it to the National Center for Disaster Fraud (NCDF) by completing an NCDF Complaint Form or by calling (866) 720-5721.
The FTC also wants you to report the issue at ReportFraud.ftc.gov and to tell a friend. By sharing your experience and knowledge about this kind of fraud, you can help someone else avoid the trap.