Recovering After Unemployment Fraud

This past week I discovered that I was one of the many Washingtonians whose identity was stolen and used to fraudulently collect unemployment. A letter from the State was sent to my parents home, an address which hasn’t been my own in over a decade. We are all in quarantine right now, but thankfully my parents thought this was strange enough and kept it. We chatted on the phone the night after it arrived where I had my mother open and read it to me, and my father was able to scan it and send it via email. Proving that I had indeed been caught up in the news cycle of so much fraud going on in my beloved state.

'Sophisticated' unemployment scam costs Washington state hundreds of millions of dollars

After I caught my breath from this startling news, I started down a path of recovery to salvage my identity and inform authorities not to pay the fraudster any more unemployment funds. While I hope you never find yourself in this situation, I know there are many folks in this boat right now so I want to share the steps I’ve taken to recover.

Report Fraud to State Unemployment Office

First step is to report the fraudulent claim to the state. In my case, I went to the Employment Security Department of Washington State’s website to file my report. You will want whatever information you have available to share: Letter ID, Claimant ID, Claim Date, etc.

Unemployment benefits fraud

Save the confirmation number that they give you after you submit the report.

File Police Report with Local Authorities

It’s always a good idea to formally report this type of crime to every authority who will listen. Fraud cases can also be reported to the Secret Service.

Calling your local police department next is important to get your report of fraud logged with them as well. For me, in Spokane, WA, I called our local non-emergency line, Crime Check. Again, provide them with all the information you have and what you have already done up to this point to manage the situation.

Police Department

Save the case number they give you and the name/badge number of who takes your report.

Report Identify Theft with FTC

To file for unemployment, your SSN is needed which puts you at risk for other identity fraud attempts. Report this through the Federal Trade Commission’s IdentityTheft.gov website.

Save the report number they give you after you submit.

Request Credit Reports

Your credit report contains personal information, credit account history, credit inquiries and public records. This information is reported by your lenders and creditors to the credit bureaus. Much of it is used to calculate your FICO® Scores to inform future lenders about your creditworthiness.

https://www.myfico.com/credit-education/whats-in-my-credit-report

Under normal circumstances, you are eligible to request a free credit report from each of our three main credit bureaus every 12 months. Thanks to COVID-19, you are now able to get a free credit report for these bureaus every week to keep an eye on things.

Request one from each and continue to do so as often as possible to monitor for abnormalities:

Home Page

Add Fraud Alert with Credit Bureaus

The FTC recommended to also add a fraud alert on your credit. This is a temporary measure lasting one year:

A fraud alert is a notice that is placed on your credit report that alerts credit card companies and others who may extend you credit that you may have been a victim of fraud, including identity theft. Think of it as a “red flag” to potential lenders and creditors.

7 Things to Know About Fraud Alerts

Another option is to do a full credit freeze.

Also known as a security freeze, this free tool lets you restrict access to your credit report, which in turn makes it more difficult for identity thieves to open new accounts in your name. That’s because most creditors need to see your credit report before they approve a new account. If they can’t see your report, they may not extend the credit.

Credit Freeze FAQs

To add a fraud alert or freeze to your credit, use these resources:

• TransUnion.com/credit-help
  888–909–8872
• Experian.com/help
  888-EXPERIAN (888–397–3742)
• Equifax.com/personal/credit-report-services
  800–685–1111

I’ll say that I tried adding an alert with each agency, even though each said they are required to notify the others. In theory you should just need to add the alert to one. In the end, I successfully added an alert with TransUnion and Experian. As a millennial, I started with the website method to add the alert but ran into technical issues with them being able to verify my identity and had to call. I didn’t get any method to work with Equifax (which literally asked me to fall back and send them a fax… like it was the 80's).

Inform Your Employer (and maybe your past employer)

Reach out to your current employer’s Human Resources Department to let them know this has happened. If the State reaches out to them to validate the unemployment claim, they can help and mark it as fraud. If you recently changed jobs like I have, also let your previous employer know so they can keep an eye out as well.

Personal Security Health Check

Now that you have the current situation as managed as possible, it’s good to do some health checks on your overall personal security. This can give you a heads up on how much data you may have out there from breaches and you can start to lock down your accounts to prevent future issues as much as possible.

In case you need more reasons to care about personal security:

Why Should You Care About Privacy and Security?

Health Checks

• Go to HaveIBeenPwned.com to look up your emails to see if they show up in known breaches and find out how bad things might be. This will give you a prioritized list of accounts to start to lock down.
• Start using a password manager if you aren’t already. I really like 1Password but it isn’t free. LastPass is another good option that is free.
• Move your passwords into your password manager of choice. This likely is a gigantic task so just start chipping away at it starting with your most important accounts (email, financial, shopping accounts that have your credit card information, accounts listed as being compromised, etc.).
• Update passwords for your accounts that are shared or compromised or are classified as insecure. Your password manager likely will inform you of shared passwords across multiple accounts and will let you know when a password isn’t considered secure. Work through these accounts to update the passwords and resave them back to your password manager. Your password manager can generate a secure password (using letters, numbers, and symbols).
• Remove passwords from and stop saving them to your browser. Browsers try to be so helpful with your account credentials but their security isn’t where you’d want it to be for this task. Trust your password manager with this, not your browser.

Organizations like Future Ada also offer help with getting you through things like this and ramping up your personal security health. We offer free regular Privacy & Security Workshops that cover many of these topics. Book a free appointment with one of our privacy / security and tech professionals on an upcoming Saturday: https://calendly.com/fa-openoffice

Have you had this happen to you? Anything else you’d recommend to add to these steps? Again, hope this never happens to you. Be sure to watch your mail carefully and protect your online accounts today.

Update: A friend called out that he was told by another person who experienced this that folks should go create an account with the Employment Security Department whether you need to file for unemployment or not. This allows you to control the account and establish your own identity with the department before a scammer can.