Trump’s Secret Service Department Uncovers International Fraud Ring Stealing Hundreds of Millions of Dollars

The NY Times had more details:

A group of international fraudsters appears to have mounted an immense, sophisticated attack on U.S. unemployment systems, creating a network that has already siphoned millions of dollars in payments that were intended to avert an economic collapse, according to federal authorities.

The attackers have used detailed information about U.S. citizens, such as social security numbers that may have been obtained from cyber hacks of years past, to file claims on behalf of people who have not been laid off, officials said. The attack has exploited state unemployment systems at a time when they are straining to process a crush of claims from an employment crisis unmatched since the Great Depression.

The former president’s words are expected to draw interest at a time when his successor in the Oval Office has received immense scrutiny for his handling of the outbreak.

With many states rushing to pay claims, payments have gone straight to direct-deposit accounts. In Washington State, the agency tasked with managing unemployment claims there began realizing the extent of the problem in recent days when still-employed people called to question why they had received confirmation paperwork in the mail.

“This is a gut punch,” said Suzi LeVine, the commissioner of Washington State’s Employment Security Department.

In a memo obtained by The New York Times, investigators from the U.S. Secret Service said they had information suggesting that the scheme was coming from a well-organized Nigerian fraud ring and could result in “potential losses in the hundreds of millions of dollars.” Roy Dotson, a special agent who specializes in financial fraud at the Secret Service, said in an interview investigators were still working to pinpoint who was involved and exactly where they were.

”We are actively running down every lead we are getting,” Mr. Dotson said.

Mr. Dotson said it appeared the fraud was being aided by a substantial number of “mules” — people, often in the United States, who were used as intermediaries for money laundering after making connections with fraudsters online. He warned people to be wary of quick-money job offers or other suspicious financial arrangements.

The Secret Service memo said Washington State had emerged as the primary target thus far, but there was also evidence of attacks in Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island and Wyoming. The agency warned that every state was vulnerable and could be targeted, noting that the attackers appeared to have extensive records of personally identifiable information, or P.I.I.

“It is assumed the fraud ring behind this possess a substantial P.I.I. database to submit the volume of applications observed thus far,” the memo said.

Rhode Island State Police reported on Monday that it had received “numerous reports of suspected fraud” related to unemployment benefits.

Scott Jensen, the director of Rhode Island Department of Labor and Training, said Saturday that it could be hard to distinguish between a legitimate claim and a fraudulent one when impostors provided the proper information. He said the fraudulent cases that were emerging seemed to have their paperwork in order without the hallmarks of other times when claims might have mistakes or other indicators that they were not genuine.

Here's more:

KrebsOnSecurity had these details:

A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service.

A memo seen by KrebsOnSecurity that the Secret Service circulated to field offices around the United States on Thursday says the ring has been filing unemployment claims in different states using Social Security numbers and other personally identifiable information (PII) belonging to identity theft victims, and that “a substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees.”

“It is assumed the fraud ring behind this possesses a substantial PII database to submit the volume of applications observed thus far,” the Secret Service warned. “The primary state targeted so far is Washington, although there is also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida.”

The Secret Service said the fraud network is believed to consist of hundred of “mules,” a term used to describe willing or unwitting individuals who are recruited to help launder the proceeds of fraudulent financial transactions.

“In the state of Washington, individuals residing out-of-state are receiving multiple ACH deposits from the State of Washington Unemployment Benefits Program, all in different individuals’ names with no connection to the account holder,” the notice continues.

The Service’s memo suggests the crime ring is operating in much the same way as crooks who specialize in filing fraudulent income tax refund requests with the states and the U.S. Internal Revenue Service (IRS), a perennial problem that costs the states and the U.S. Treasury hundreds of millions of dollars in revenue each year.

In those schemes, the scammers typically recruit people — often victims of online romance scams or those who also are out of work and looking for any source of income — to receive direct deposits from the fraudulent transactions, and then forward the bulk of the illicit funds to the perpetrators.

A federal fraud investigator who spoke with KrebsOnSecurity on condition of anonymity said many states simply don’t have enough controls in place to detect patterns that might help better screen out fraudulent unemployment applications, such as looking for multiple applications involving the same Internet addresses and/or bank accounts. The investigator said in some states fraudsters need only to submit someone’s name, Social Security number and other basic information for their claims to be processed.

Elaine Dodd, executive vice president of the fraud division at the Oklahoma Bankers Association, said financial institutions in her state earlier this week started seeing a flood of high-dollar transfers tied to employment claims filed for people in Washington, with many transfers in the $9,000 to $20,000 range.

“It’s been unbelievable to see the huge number of bogus filings here, and in such large amounts,” Dodd said, noting that one fraudulent claim sent to a mule in Oklahoma was for more than $29,000. “I’m proud of our bankers because they’ve managed to stop a lot of these transfers, but some are already gone. Most mules seem to have [been involved in] romance scams.”

While it might seem strange that people in Washington would be asking to receive their benefits via ACH deposits at a bank in Oklahoma, Dodd said the people involved seem to have a ready answer if anyone asks: One common refrain is that the claimants live in Washington but were riding out the Coronavirus pandemic while staying with family in Oklahoma.

The Secret Service alert follows news reports by media outlets in Washington and Rhode Island about millions of dollars in fraudulent unemployment claims in those states. On Thursday, The Seattle Times reported that the activity had halted unemployment payments for two days after officials found more than $1.6 million in phony claims.

And from The Hill:

The Secret Service has detected a large-scale foreign attack on the U.S. unemployment system that is processing record numbers of jobless claims amid the pandemic, according to The New York Times. 

In a Secret Service memo obtained by the Times, the agency described the attack as a well-organized Nigerian fraud ring that could lead to "potential losses in the hundreds of millions of dollars."

"We are actively running down every lead we are getting," Roy Dotson, a special agent who specializes in financial fraud at the Secret Service, said in an interview with investigators obtained by the Times. 

The attackers are reportedly using previously obtained Social Security numbers and other personal information to claim unemployment benefits. 

Since March, more than 36 million people have filed for unemployment amid shutdowns triggered by the coronavirus pandemic. The sudden increase in jobless claims has overwhelmed state unemployment systems. 

The attack was first reported in Washington state, where people who did not file for unemployment reported receiving benefits they didn’t ask for.

The attack adds yet another obstacle as state governments work to send out unemployment benefits in a timely manner.

At Western Washington University in Bellingham, Wash., more than 400 out of roughly 2,500 employees have been targeted with fraudulent claims, the university’s spokesman told the Times.