Ladysmith residents have been victims of a fraud scheme linked with a sophisticated attack on the U.S. unemployment system, siphoning millions of dollars from government payments intended to avert an economic collapse from the COVID-19 pandemic.
Similar scams have been reported nationwide.
It is linked to the unemployment benefits, according to Ladysmith Federal Savings & Loan Compliance Officer Leanne Burch. She likened it to the “Romeo Scam” where a scammer forms a “relationship” with a victim, transfers stolen money into the victim’s account, and then tells the victim to send the money back.
“What it boils down to is this person you are talking to [on social media] is going to send you money or there is going to be money coming into your account, and then this person gives directions on what to do with this money.”
In some cases the local customer arrives at a financial institution with a large sum of money they received and directions on how to go about returning a portion through a cryptocurrency like Bitcoin, money order or other hard to trace means. In exchange for helping move the money, the victim is offered to keep a small portion.
Burch compared the scam to a mule account set up with false paperwork using a stolen or manipulated identity, or belonging to a legitimate customer who has allowed criminals to use their account. Money mules are a mechanism used to move funds around and create distance from the fund origin.
“They are using the account to in essence launder money. It comes into your account, you do what they direct and they get really nasty when we catch them and they don’t get their money,” Burch said.
Burch called it an “elaborate scheme” where fraudsters know what financial institutions might be asking or looking for.
“In this case, they are actually stealing money from the government,” Burch said.
A May story in the New York Times citing federal authorities reported a group of international fraudsters appears to have mounted an immense, sophisticated attack on U.S. unemployment systems, creating a network that has already siphoned millions of dollars in payments that were intended to avert an economic collapse.
The attackers have used detailed information about U.S. citizens, such as Social Security numbers that may have been obtained from cyber hacks of years past, to file claims on behalf of people who have not been laid off, officials said. The attack has exploited state unemployment systems at a time when they are straining to process a crush of claims from an employment crisis unmatched since the Great Depression.
With many states rushing to pay claims, payments have gone straight to direct-deposit accounts. In Washington State, the agency tasked with managing unemployment claims there began realizing the extent of the problem when still-employed people called to question why they had received confirmation paperwork in the mail.
In a memo obtained by The New York Times, investigators from the U.S. Secret Service said they had information suggesting that the scheme was coming from a well-organized Nigerian fraud ring and could result in “potential losses in the hundreds of millions of dollars.” Roy Dotson, a special agent who specializes in financial fraud at the Secret Service, said in an interview that investigators were still working to pinpoint who was involved and exactly where they were, the New York Times reported.
”We are actively running down every lead we are getting,” Dotson said.
Dotson said it appeared the fraud was being aided by a substantial number of “mules” — people, often in the U.S., who were used as intermediaries for money laundering after making connections with fraudsters online. He warned people to be wary of quick-money job offers or other suspicious financial arrangements.
The Secret Service memo said Washington State had emerged as the primary target thus far, but there was also evidence of attacks in Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island and Wyoming. The agency warned that every state was vulnerable and could be targeted, noting that the attackers appeared to have extensive records of personally identifiable information, or P.I.I.
“It is assumed the fraud ring behind this possess a substantial P.I.I. database to submit the volume of applications observed thus far,” the memo said.
According to the New York Times story, Scott Jensen, the director of Rhode Island Department of Labor and Training, said it could be hard to distinguish between a legitimate claim and a fraudulent one when impostors provided the proper information. He said the fraudulent cases that were emerging seemed to have their paperwork in order without the hallmarks of other times when claims might have mistakes or other indicators that they were not genuine.
“Whoever it is seems to be fairly sophisticated and good at what they are doing,” Jensen said.
In a recent Ladysmith case, the victim received an account deposit from a fraudster with directions to purchase blank money orders and mail them back.
“These money orders don’t have a name on them so whoever gets them can write their name on them and cash them,” Burch said. “A money order is the same as cash. You might have purchased it, but if you lose that money order it can’t be replaced. It is like you dropped a $100 bill.”
The cases Burch has worked on so far in Ladysmith involve fraud originating in Massachusetts, Ohio and Washington state. Ladysmith Federal officials have captured the funds before they could be laundered and are attempting to return them to where they originated.
“So far it has been $30,000,” Burch said. “I have returned $21,000 to the government of those states for unemployment.”
Burch said the fraudsters are very good at what they do. She encouraged people to beware of befriending unknown individuals through social media and question similar requests to help move money for a stranger.
“I don’t know what they say, but they will totally convince a person that doing this is not wrong,” Burch said.
It appears fraudsters are applying for unemployment benefits, seeking help with an unsuspecting victim elsewhere and asking victims to return most of the funds in some manner. It is unlikely any of the local victims have even been to the states that have sent unemployment checks or deposited funds into a Ladysmith Federal account, according to Burch.
“The whole thing is fraud,” Burch said.
Red flags are triggered when a customer receives a large deposit into their account or wants to send recently received money by wire, according to Burch.
“Then we start asking more questions,” Burch said. “When a customer starts getting defensive then you start thinking something isn’t right.”
At some point, government unemployment agencies will discover the funds were fraudulently sent and and want this money returned. This could leave the individual on the hook.
“They would be responsible for it. A lien against them? Prosecution? I don’t know,” Burch said. It is a very scary thing because when it all comes down to it, if the money ran through your account, you are accountable.”
Burch expresses concern for victims who may have exposed themselves by giving out private banking information or home mailing address and now must deal with blowback from fraudsters.
“I am sure there are threats,” Burch said.
She attempts to comfort victims by telling them they are not the only one and stressing them to cut off all contact with the other party.
Ladysmith Federal officials have halted two of these fraud transactions in the last month, but they realize there could be others they did not — perhaps because the fund transfers were not large enough to garner attention.
Some workplaces have been hit particularly hard. At Western Washington University in Bellingham, Wash., more than 400 out of about 2,500 total employees have been targeted with fraudulent claims. Over several weeks in May, the university’s human resources department received a number of fraudulent claims using employees’ names, social security numbers and other sensitive information.
Western’s Information Technology Services Department believes the personally identifiable information used to file the claims was obtained via some non-WWU sources such as the 2017 Equifax credit bureau breach where 147 million consumers had information stolen.
Washington state officials said Thursday they’re stopping unemployment payments for two days while they attempt to block a gush of fraudulent claims aimed at stealing some of the billions of dollars that Congress directed to workers left jobless amid the coronavirus pandemic.
Between March and April, the number of fraudulent claims for unemployment benefits jumped 27-fold to 700, the Washington state Employment Security Department told The Seattle Times. During that same period, the amount of money bled off by suspected fraudsters jumped from about $40,000 to nearly $1.6 million.
Those estimates may rise further, as reports of “sophisticated” fraudulent activity surged during the first two weeks of May. The Employment Security Department fraud hotline has been inundated with calls — with many callers saying they were unable to get through to make a report — and so many emails came into the department’s fraud inbox last weekend that it temporarily shut down.
The surge comes as the state is trying to process a massive wave of legitimate claims for jobless benefits — and has already complicated efforts to get financial relief to workers laid off during the pandemic.
Burch urged people to be careful on social media. She warned against giving out personal information unless you contact them first. She said giving out routing and account numbers does greater damage than letting an unknown individual deposit money; it also allows the unknown individual to withdraw any money that might already be in the account.
“Now they have your information. You can’t just keep the money. You almost have to close the account because otherwise they are going to try and pull it back out,” Burch said.
“Be very wary of a friend because even a friend’s identity can be stolen,” Burch said.