(The Center Square) – The Pennsylvania Department of Labor and Industry is warning residents about “increasingly aggressive and sophisticated schemes” to steal unemployment compensation benefits, though experts contend much of it can be avoided.
“Since the beginning of the COVID-19 crisis, foreign and domestic fraudsters have been exploiting unprecedented demand on the nation’s unemployment compensation systems that exist to protect hardworking Americans and their families during times of hardship,” Labor and Industry Secretary Jennifer Berrier said Wednesday in a statement.
“Fraud-detection measures have revealed an increased level of sophistication in the most recent attacks on our system,” Berrier said. “Today, I am reaffirming our commitment to protecting Pennsylvanians’ personal data, thwarting attempts to steal public money and working with law enforcement agencies at every level to deter, catch and prosecute these bad actors.”
Scammers initially targeted the federal Pandemic Unemployment Assistance program early in the pandemic but have shifted focus to traditional state unemployment in recent months, Berrier said.
Berrier touted the state’s “numerous fraud-detection measures,” such as the use of virtual identity verification, but acknowledged the department does not yet employ multifactor authentication, a two-step process that’s commonly used to ward off hackers.
The announcement followed weeks of reporting by Pennsylvania TV stations about the fraud, spawned by complaints from claimants whose funds were diverted from their accounts. The Department of Labor and Industry previously acknowledged fraudulent attempts to open new claims but had not publicly addressed attacks on existing accounts.
Jonathan Weissman, a computer expert with the Rochester Institute of Technology, told ABC27 in Harrisburg that despite claims of the sophisticated nature of the attacks, “the scheme does not appear to be sophisticated at all.”
“Cybercriminals are finding usernames and passwords – and trying them,” he said. “If they work, they work.”
Experts told the news organization multifactor authentication is considered a “minimum standard” to prevent theft online.
Berrier said multifactor authentication “will be added for claimants” but did not offer a timeline on when that would happen. According to the Wednesday statement, “since a new UC benefits system went live in June, the department has prevented more than $4.7 billion in state and federal dollars from being paid out to fraudsters.”
The statement did not include the total amount of money fraudsters have successfully scammed from the system or any information on the arrest or prosecution of those involved with the crimes.
Labor and Industry is working with the National Unemployment Insurance Fraud Task Force, FBI, Homeland Security, other law enforcement, the state treasury, state attorney general’s office and others to help identify and block fraud attempts. The department encourages those targeted to report issues on the UC Benefits Website.
The department also encourages those who suspect fraud to file a police report and provide a copy of the report to the Office of Unemployment Compensation.
“(Labor and Industry) takes seriously its responsibility to safeguard taxpayer dollars and individuals’ personal data,” Berrier said. “We will continue these efforts aggressively and transparently.”