A “well-orchestrated” COVID-19-related fraud targeting multiple American states has been traced back to Nigeria, an internal US Secret Service memo said.
The memo, seen by The Guardian, was reportedly sent to Secret Service’s field offices across the US on Thursday, May 14.
The Secret Service said the fraudsters are exploring the COVID-19 pandemic to commit massive fraud against by targeting unemployment insurance programmes.
“The United States Secret Service has received reporting of a well-organized Nigerian fraud ring exploiting the COVID-19 crisis to commit large-scale fraud against state unemployment insurance programs,” the memo said.
A California-based cybersecurity firm Agari said on Tuesday, May 19, that “some if not all” of those who committed the fraud are part of a Nigerian fraud group Scattered Canary.
Although Washington State was the primary target, evidence of the fraud was seen in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida.
To carry out the scam, the perpetrators, posing for instance as the State of Washington Unemployment Benefits Programme, sent individuals residing out-of-state Automated Clearing House (ACH) deposits in different names without connection to the account holders.
The fraudsters then filed for unemployment claims in different states using Social Security Number and other personal identification information (PII) of their victims, which included first responders, government and school employees.
“It is assumed the fraud ring behind this possess a substantial PII database to submit the volume of applications observed thus far,” the memo said.
Nigeria’s Economic and Financial Crimes Commission did not immediately respond to questions about the matter.
Washington Feeling the Pinch
Although the memo insisted that it is “extremely likely every state is vulnerable to this scheme,” Washington seemed to be the hardest hit so far.
As the impacts of the coronavirus pandemic bite harder, many American states reduced the weeklong waiting period of paying unemployment claims as more people were forced out of jobs.
An estimated 38.6 million people have been out of work since the coronavirus lockdowns began in the country.
Washington State’s commissioner of the state Employment Security Department Suzi LeVine said the rush to pay the claims as quickly as possible may have left states like Washington vulnerable.
The Seattle Times reported that 410 out of the 2,463-person staff of Western Washington University were targeted.
“There’s a dire need to get money out quickly,” LeVine said. “This makes us an attractive target for fraudsters.”
The extent of the fraud prompted the state to temporarily halt payment of unemployment benefits for two days on May 14, with fraudulent claims between March and April spiking 27-fold to 700. Payments increased from just $40,000 to $1.6 million during the same period.
LeVine said at a press conference on Thursday that the cost of fraudulent claims has risen significantly above the $1.6 million paid out in April. She said the need to subject filed claims to additional scrutiny has caused delays in payments to those who truly needed the money and that officials were working to recover some of the money.
Although LeVine did not say exactly how much has been lost to the suspected criminals, multiple media reports said the state may have been bled “hundreds of millions of dollars”.
Scattered Canary Sings Fraud
A senior director of threat research at Agari, Crane Hassold, said in a 2019 blog post that the company gave the Nigerian fraud group the name Scattered Canary.
The chief executive officer of the cybersecurity firm Patrick Peterson said the group’s recent activities also included attacks on Hawaii unemployment programme and CARES Act Economic Impact Payments programme set up to provide relief because of the coronavirus pandemic.
Credit: The Guardian