Steff Childs has worked at the same company for about a decade. So she was surprised when in late April she got a letter from the Texas Workforce Commission that said her recent application for unemployment benefits had been denied.

At first, she thought it was fake, a scammer’s attempt to steal her identity. But Childs, who works in public relations in Austin, took the letter to her company’s human resources office. They said the letter wasn’t a fake—and that her identity had likely already been stolen.

Last year, state unemployment systems buckled under the weight of a tidal wave of layoffs. They had to process millions of legitimate applications for unemployment programs, including claims for programs that had been newly established by the CARES Act. They also had to sift through thousands of applications for benefits that were filed by fraudsters.

Although the pace of layoffs and new applications for unemployment benefits has slowed, the fraud attempts have not stopped. And this creates a knock-on effect: When a state system has to deal with a large number of claims that are suspected fraud, it delays benefits for people who are legitimately applying for benefits.

New verification methods have tamped down some fraud attempts, but have in turn created new roadblocks for legitimate claimants—claimants who may be at the end of their financial rope,  explains Zach Schiller, research director at Policy Matters Ohio, a nonprofit policy institute.

Last year, The Federal Trade Commission (FTC) received more than 394,000 complaints from consumers who said their identities had been “misused” to apply for government benefits, according to an April report from the agency—most of them used for fraudulent unemployment benefits claims. In 2019, there were fewer than 13,000 reports of this type.

That’s a nearly 3,000% jump in one year—and it’s only only a fraction of potentially fraudulent unemployment claims nationwide, according to various state reports.

In May 2020, the Employment Security Department in Washington had to review 200,000 claims for suspected fraud. People who had legitimate claims reviewed were paid retroactively, but still had to deal with a gap in their payment schedule and a benefits system that had to be shut down for two days. In the fall, nearly 400,000 unemployment accounts in California were frozen to investigate fraud. And in Ohio last year, criminals made at least 56,000 fake Pandemic Unemployment Assistance (PUA) claims between April and December—and the state paid out $330 million to fraudsters.

Scammers Preyed on New Federal Unemployment Programs

Much of the fraud took place in the pandemic unemployment assistance program (PUA), Schiller explains. While traditional unemployment insurance benefits use W-2 filings to match an applicant to their employment history, PUA opened up benefits to workers who didn’t have traditional pay stubs (think gig workers or contractors).
Fraudsters targeted this new program in part because it had fewer requirements for proving your work history and income.

At the start of the pandemic, many states hired firms like Deloitte, Accenture and EY to run parts of their unemployment insurance systems. These vendors—some of which already had contracts with states to administer parts of their aging unemployment systems—performed tasks like setting up PUA benefits, running call centers, or doing data entry.

But a huge international crime ring targeted these newly-established unemployment systems in at least seven states. The attacks forced workforce development offices nationwide to be more vigilant about their system security and their methods for verifying applicants’ identities—which in many cases meant approvals and payments were delayed for people out of work.

“When a massive fraud ring is identified, states are obliged to flag all users with characteristics matching the scam artists until they can re-verify their identity with the agency,” Rebecca Dixon, executive director of the National Employment Law Project, said during a U.S. House of Representatives hearing in July 2020. “This is a time-consuming process that can result in cutting off claimants’ earned compensation for weeks.”

Scammers Continue to Target Unsuspecting Americans’ Unemployment Benefits

The Covid relief bill signed in December 2020 mandated additional requirements to prove your eligibility for PUA. Starting in February 2021, people who apply for PUA must provide documentation of their income, which wasn’t previously required. If you were already receiving PUA benefits, you also have to provide documentation of previous income or risk being disqualified.

But fraudsters have continued to look for opportunities. In early 2021, Ohio saw an increase in attempted fraud in its regular unemployment system, not primarily in PUA as it had previously.

“It [created] this huge increase in claims, to the point where it actually affected claims numbers nationwide,” Schiller says.

Twice since the pandemic began, the U.S. Department of Labor has announced funding for states to strengthen identity verification in their unemployment systems. But authorizing funding for fraud prevention and investigation doesn’t mean security problems are fixed. In April—a year after pandemic unemployment plans were implemented—the Department of Labor finally released guidance for preventing fraud in these programs.

And for people who haven’t had to apply for benefits, receiving notices from their state’s labor department can open up a host of concerns about identity theft.

Childs says the denial letter she received contained mostly accurate information about her; the only reason the application had been denied was because part of her Social Security number was wrong. The denial letter was mailed to the house she moved out of in 2020 and was forwarded to her new address. Without mail forwarding, she may have never known someone had tried to claim benefits in her name.

To manage the potential fallout Childs first followed her state unemployment agency’s instructions for reporting suspected identity theft. Then she filed a report with the FTC. Then the FTC’s identity theft portal instructed her to report the incident to the Department of Justice’s National Center for Disaster Fraud. The DOJ website said not to file a report there, but to instead visit the state workforce agency. Childs had gone in a loop.

“I have no information, no clarity,” Childs says, adding that she hasn’t received any follow up from the state. A press release from TWC on May 4 noted that people who report suspected identity theft don’t always get a response to their report.

What to Do If Someone Claims Unemployment Benefits in Your Name

By the time you figure out someone has tried to access unemployment benefits using your information, your identity has likely already been compromised.

If you received a tax form 1099-G for unemployment benefits you didn’t get:

This form is used to report income from unemployment benefits on your tax return. If you received one but didn’t get unemployment insurance—or if the amount doesn’t match what you received—don’t include that income on your tax return.

Read more: You likely don’t need to amend your tax return to claim your $10,200 unemployment tax break

If you got a letter, text message, or email about benefits you didn’t apply to receive:

Don’t respond to the notification. Use the Department of Labor’s directory of state unemployment identity theft reporting systems to find out how to contact your state. In most cases, there’s an online reporting option and a phone number available, in case you have questions about what you received.

The following reports should be filed in either situation:

  • Tell your employer what happened (this might mean speaking with human resources, payroll or your supervisor) and keep any documentation they give you.
  • Report the situation to the Department of Labor in your state by using the directory mentioned above.

Then it’s time to shore up your identity.

First, access your free credit reports for all three main consumer credit bureaus (Equifax, Experian and TransUnion) and check them for anything else you don’t recognize. Visit annualcreditreport.com to do this for free.

Read more: Free credit reports extended until April 2022. Here’s how to get yours.

If there is other suspicious activity on your report—like an account you don’t recall opening or an unfamiliar mailing address—file a complaint at identitytheft.gov. When you file that report, mark that you think “government benefits” identity theft occurred.

Once you complete this report, the FTC will generate an identity theft recovery plan with additional steps you may need to take.

Next, freeze your credit. Someone who has your information can open new credit accounts in your name. Prevent them from doing this by asking each credit bureau to freeze your account. You can do this online, over the phone or by mail. The bureaus must provide this service for free. You will have to ask for this freeze to be lifted if you apply for credit down the road.

Read more: How To Fix Covid-19 Related Credit Report Errors 

If you don’t want to freeze your credit completely, consider placing a fraud alert on your reports. This will require lenders to take additional steps to verify your identity if you apply for new credit. If you tell one bureau, they must tell the other two to place an alert on your account; if you provide proof of identity theft, you can have an alert put on your accounts for up to seven years.

Continue to keep an eye on your credit reports, bank accounts, mail and email for new financial or personal activity that seems out of place. Remember that you can check your credit reports for free until April 2022, as often as weekly.