Sunday, December 22, 2024
Hawai'i Free Press

Current Articles | Archives

Saturday, May 23, 2020
Nigerian Princes Apply for Hawaii Unemployment
By News Release @ 12:19 AM :: 17547 Views :: Hawaii State Government, Labor, Law Enforcement, COVID-19

Agari Identifies Cybercriminal Organization Behind Spate of Fraudulent COVID-19 Unemployment and CARES Act Claims

Hawaii Department of Labor and Industrial Relations latest victim

News Release from Agari

FOSTER CITY, Calif. (May 19, 2020) — Agari, the market share leader in phishing defense solutions for the enterprise, announced today that it has linked the West African cybercriminal organization dubbed Scattered Canary to massive fraudulent schemes related to the COVID-19 pandemic, targeting at least eight states that now include Hawaii.  

“We have been tracking Scattered Canary for more than one year and briefed the U.S. Secret Service on this new development yesterday,” said Armen L. Najarian, CMO and Chief Identity Officer, Agari. “We’ve observed that this is by far one of the most complex and prolific cybercriminal organizations we have uncovered to date. Scattered Canary perpetrates a range of fraudulent schemes, including business email compromise (BEC) scams, unemployment fraud, social security fraud, student aid fraud, and now COVID-19 related fraud.”

Observations and threat intelligence gathering from Agari Cyber Intelligence Division (ACID) indicates that as of Sunday, May 17, Hawaii became Scattered Canary’s latest unemployment fraud victim, joining Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming.

While it is too early to measure the full fraud dollar loss impact on Hawaii, an assessment of Scattered Canary’s fraudulent attacks on the state of Washington could be a bellwether. Since April 29, the group has filed at least 174 fraudulent claims for unemployment with Washington. This is consistent with public reporting of a recent U.S. Secret Service alert mentioning that Washington has been the primary target of fraudulent unemployment claims. Based on communications sent to Scattered Canary from the state of Washington, these claims were eligible to receive up to $790 a week for a total of $20,540 over a maximum of 26 weeks. Additionally, the CARES Act includes $600 in Federal Pandemic Unemployment Compensation each week through July 31. This adds up to a maximum potential loss as a result of these fraudulent claims of $4.9 million. 

Agari analysis shows that Scattered Canary exploits Green Dot prepaid cards to “cash out” its fraudulent claims. Prepaid cards have previously been exploited to facilitate payroll diversion BEC attacks because the cards can be used to receive direct deposit payments. Green Dot cards are also advertised as being able to receive government benefits, such as unemployment payments, up to four days before they’re due to be paid, making them an attractive vehicle for groups like Scattered Canary to use in scams. 

Another tactic Scattered Canary employs to scale its operations is the use of Google Dot Accounts. The group sets up its attacks using versions of related Gmail addresses to mass-create email accounts for each target website. Scattered Canary has been able to create dozens of accounts on state unemployment websites and the IRS website dedicated to processing CARES Act payments for non-tax filers (freefilefillableforms.com), because Google ignores periods when interpreting Gmail addresses. This tactic provides Scattered Canary the ability to scale its operations more efficiently by directing all communications to a single Gmail account. Ultimately, use of “dot accounts” makes Scattered Canary very fast and efficient at committing large scale financial crimes. 

Scattered Canary organized itself more than 10 years ago and is based in Nigeria. Its long operating history hardened its methods and prowess for committing fraud and socially engineered attacks. Agari first alerted law enforcement to Scattered Canary in early 2019.

More information can be found here.

About Agari

Agari is the market share leader in phishing defense solutions for the enterprise. Through applied science, the Agari Identity Graph™ delivers valuable business context to every email risk decision. Agari ensures outbound email from the enterprise cannot be spoofed, increasing deliverability and preserving brand integrity. It also protects the workforce from devastating inbound BEC, VEC, spearphishing, and account takeover-based attacks, reducing business risk and restoring trust to the inbox. Learn more at agari.com.

  *   *   *   *   *

STATE MONITORING FOR FRAUDULENT UNEMPLOYMENT CLAIMS

News Release from DLIR, May 27, 2020

HONOLULU — The Department of Labor and Industrial Relations (DLIR) announced today that it is warning consumers about attempts made by criminals to file imposter claims in order to receive unemployment benefits. Multiple states have been victimized by fraudulent claims filed in recent weeks as part of a nationwide scam organized by a cybercrime gang that is believed to have obtained personal information through previous nationwide data breaches. The U.S. Secret Service issued a national alert about this international crime ring committing fraud against state unemployment programs on May 14, 2020.

“The Department of Labor and Industrial Relations takes its responsibility to prevent fraud in the unemployment insurance program very seriously,” said Scott Murakami, DLIR Director. “We are working with our federal, state and local partners to investigate and prevent fraud, while paying benefits to claimants as quickly as possible.”

The department was alerted that potentially fake claims may be filed using previously stolen or fraudulent personal information, however, no personal information from claimants have been stolen from the department. The department uses program integrity measures to prevent and identify fraud and is currently coordinating with the Hawaii Bankers Association to identify suspicious accounts.

“Hawaii residents who suspect an imposter claim has been filed in their name should contact the Unemployment Insurance Division at (808) 586-8947,” said Neal K. Okabayashi, Hawaii Bankers Association Executive Director. “It is unfortunate that criminals are capitalizing on the current COVID-19 emergency to file fraudulent unemployment claims using stolen identify information.”

Employers can assist the department by electronically filing wage data and Electronic Lower Earnings Reports through the unemployment insurance web application at www.uiclaims.hawaii.gov. The web application is secure, free, and easy to use, for more information please visit https://labor.hawaii.gov/ui/main/new-employer-website/.

Equal Opportunity Employer/Program

Auxiliary aids and services are available upon request to individuals with disabilities.

TDD/TTY Dial 711 then ask for (808) 586-8866

# # #

AP: Huge Washington state unemployment fraud uncovers attacks in Hawaii, other states

Links

TEXT "follow HawaiiFreePress" to 40404

Register to Vote

2aHawaii

Aloha Pregnancy Care Center

AntiPlanner

Antonio Gramsci Reading List

A Place for Women in Waipio

Ballotpedia Hawaii

Broken Trust

Build More Hawaiian Homes Working Group

Christian Homeschoolers of Hawaii

Cliff Slater's Second Opinion

DVids Hawaii

FIRE

Fix Oahu!

Frontline: The Fixers

Genetic Literacy Project

Grassroot Institute

Habele.org

Hawaii Aquarium Fish Report

Hawaii Aviation Preservation Society

Hawaii Catholic TV

Hawaii Christian Coalition

Hawaii Cigar Association

Hawaii ConCon Info

Hawaii Debt Clock

Hawaii Defense Foundation

Hawaii Family Forum

Hawaii Farmers and Ranchers United

Hawaii Farmer's Daughter

Hawaii Federation of Republican Women

Hawaii History Blog

Hawaii Jihadi Trial

Hawaii Legal News

Hawaii Legal Short-Term Rental Alliance

Hawaii Matters

Hawaii Military History

Hawaii's Partnership for Appropriate & Compassionate Care

Hawaii Public Charter School Network

Hawaii Rifle Association

Hawaii Shippers Council

Hawaii Together

HiFiCo

Hiram Fong Papers

Homeschool Legal Defense Hawaii

Honolulu Navy League

Honolulu Traffic

House Minority Blog

Imua TMT

Inouye-Kwock, NYT 1992

Inside the Nature Conservancy

Inverse Condemnation

July 4 in Hawaii

Land and Power in Hawaii

Lessons in Firearm Education

Lingle Years

Managed Care Matters -- Hawaii

MentalIllnessPolicy.org

Missile Defense Advocacy

MIS Veterans Hawaii

NAMI Hawaii

Natatorium.org

National Parents Org Hawaii

NFIB Hawaii News

NRA-ILA Hawaii

Obookiah

OHA Lies

Opt Out Today

Patients Rights Council Hawaii

Practical Policy Institute of Hawaii

Pritchett Cartoons

Pro-GMO Hawaii

RailRipoff.com

Rental by Owner Awareness Assn

Research Institute for Hawaii USA

Rick Hamada Show

RJ Rummel

School Choice in Hawaii

SenatorFong.com

Talking Tax

Tax Foundation of Hawaii

The Real Hanabusa

Time Out Honolulu

Trustee Akina KWO Columns

Waagey.org

West Maui Taxpayers Association

What Natalie Thinks

Whole Life Hawaii