Sometimes, crisis brings out the best in people. Unfortunately, it also often brings out the worst. That has certainly been the case with the ongoing pandemic. While not an entirely new phenomenon, fraudulent unemployment claims have become a widespread phenomenon across the country, including in Illinois. According to a recent CBS news report, “as of the end of October, there were more than 157,000 unpaid pandemic employment assistance claims. Of those, over 69,000 were being held up because of identity issues.” While IDES is not reporting firm numbers, we can confirm anecdotally that many of our clients are seeing a dramatic uptick in fraudulent unemployment claims filed on behalf of current, active employees. Unfortunately, there is no magic solution to this problem. However, there are at least some steps that employers and individuals can take to reduce and respond to such incidents.
What Employers Can Do
- Inform the employee. If an employer receives a notification stating that a current employee requested unemployment benefits, the first step is to confirm whether a claim was filed by the employee. Conduct a brief informational interview with the employee to determine the veracity of the claim.
- Contest the claim. Employers have a limited window in which to protest unemployment claims. Keep close track of any claim notices and be sure to contest any fraudulent claims by the deadline. Even if you miss a deadline, consider filing a response with IDES to put the agency on notice of the apparent fraud.
- Notify IDES. In addition to protesting any fraudulent claims, unemployment fraud should be reported directly to the IDES by calling 800-814-0513 or using this contact form. The IDES states that only one method should be used to prevent delays. Given reports of problems reaching IDES over the phone, the online contact form may be the better bet. However, once a report is submitted, keep a record of the report in case of any later follow up, or in case you have to respond further to a fraudulent claim.
- Educate all employees. Often, the first sign of a fraudulent claim comes when an employee receives a debit card or other documentation in the mail from IDES. Employers should educate employees to be on the alert for any unexpected notifications, debit cards, or other signs of potential fraud and should ask employees to report any suspected fraud to HR. Employers should also educate employees generally about how to protect themselves from identity theft. The FTC provides information available at the following link on how consumers can protect and monitor accounts: https://www.consumer.ftc.gov/articles/0235-identity-theft-protection-services.
- Contact the IT department. A fraudulent claim is not necessarily a sign of a security breach. However, organizations should work proactively with their IT departments to ensure effective security measures are in place surrounding sensitive personal information, such as birthdays and social security numbers.
What Employees Can Do
- Report any Notices. Employees who receive notifications from the IDES regarding unemployment should immediately alert HR.
- Notify the IDES. Employees can also notify the IDES by calling 800-814-0513 or using this contact form. Employees should also follow the directions on the IDES website. IDES advises any employee who receives a debit card not to activate the card and instead to destroy it. Out of an abundance of caution, employees may wish to make a record of having done so, such as taking photographs of the card both as it was received and after it has been cut up or otherwise destroyed.
- Monitor personal accounts. Employees should keep a close eye on bank and credit accounts and consider changing passwords for social media, personal email or other accounts which store sensitive information. Targeted employees should also consider freezing accounts.
- Ensure documents are properly stored and deleted, if necessary. Employees may have tax documents or other documents consisting of personal information (social security number, birthday, etc.) stored in vulnerable accounts such as email or cloud sources. Employees should ensure that all electronically saved documents containing personal information are properly secured. This may include using encryption, robust, unique passwords, and multi-factor authentication.
- Phishing and Smishing. Employees should be aware of targeted methods to access personal information through their personal phone numbers and email accounts. Employers can help employees identify potential scams (and improve their own security) by implementing robust security training programs.