Identity theft cases have been increasing during 2020 as more cases of unemployment fraud are reported.
One of the most common tactics used by fraudsters is for them to use stolen identities to open up new accounts and file new claims. With the large increase in unemployment claims and the loosening of restrictions, many fraudsters have had a window of opportunity not seen in the past. However, most of these identities were not stolen this year, but rather in the past few years. While identity theft is not uncommon, for some, it is difficult to bounce back from.
How identity theft is fueling unemployment fraud
Every year, billions of personal records are breached, about 1 in 4 people who had their data exposed actually have their identities stolen. These records are then sold on the dark web for a few dollars each. Fraudsters can then use these identities for their own financial gain, sometimes targeting government programs, which account for roughly 22% of all identity theft.
In many cases, identity thieves sit on vast amounts of stolen credentials, waiting for the perfect opportunity to pounce. COVID-19 has been an opportunity like no other. But for many of the fraudulent claims, the identity theft-to-fraud process began much earlier.
Here are the four steps of identity theft and fraud:
- First, there is a data breach. We know that billions of personal records are exposed annually. A recent RiskIQ study found that more than 16,000 records per minute were compromised in 2020. In the first half of 2020 alone, Twitter, Marriott, MGM Resorts, and Zoom all suffered data breaches.
- Next, personal records are sold on the dark web. What is the dark web? Alongside the internet most of us experience, lies a mammoth archive of unindexed material called the deep web, and a well-concealed part of the deep web called the dark web. The secret nature of the dark web has helped it become an identity theft marketplace, where bad actors can buy and sell personal information in nearly complete anonymity. Billions of stolen identity records are available for surprisingly low prices. A Social Security number can sell for as little as $1 and a credit/debit card number for $5. A person's full information set costs around $8.
- Then comes the actual identity theft. One in four people who are notified their information may have been exposed in a data breach actually have their identities stolen. Considering that most have had their data compromised multiple times, this nets out to about one person having their identity stolen every three seconds. Surprisingly, having personal data stolen and then sold on the dark web does not equate to identity theft. Identity theft doesn't occur until that stolen information is used for financial gain.
- Those financial gain opportunities often come in the form of government programs. According to the Federal Trade Commission, government fraud accounts for 22% of all identity theft, second only to banking fraud. However, that data is from before the pandemic. Since we know fraudsters have been increasingly targeting government programs in 2020, it is likely to be much higher now.
The identity theft fueling rampant unemployment fraud during the pandemic isn't occurring because data was breached in the last month, week or year– it's happening with data that has been stolen, bought, sold, and recombined over the last five years. Criminals have been waiting for an opportunity of this magnitude to present itself and are now taking full advantage.
With identity theft on the rise, it is a good idea to monitor your accounts so you can catch any unusual activity as early as possible. And if you do become a victim, our recommendation is that you reach out to an experienced attorney for help.