Security News > 2020 > May > 8 states targeted in CARES Act scams from cybercrime group
At least eight US states and the federal government have lost millions of dollars due to cybercrime scams targeting unemployment benefits and funding from the CARES Act proceeds, according to the Secret Service and the cybersecurity company Agari.
Cybercriminals with Scattered Canary have taken advantage of the situation according to Peterson, who wrote that the group filed more than 80 fraudulent claims for CARES Act Economic Impact Payments and even more claims for unemployment insurance in Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, Wyoming and most recently Hawaii.
"Between April 15 and April 29, Scattered Canary filed at least 82 fraudulent claims for CARES Act Economic Impact Payments, which are meant to provide relief to families as a result of the COVID-19 pandemic. The only information needed by Scattered Canary to file these claims was an individual's name, address, date of birth, and Social Security number. Of the 82 claims Scattered Canary filed, at least 30 of them were accepted by the IRS and presumably paid out," Peterson wrote.
Peterson said since April 29, the group has filed almost 180 unemployment claims in Washington state and adding in the money made through CARES Act scams, they have raked in about $4.7 million.
"Scattered Canary has been able to create dozens of accounts on state unemployment websites and the IRS website dedicated to processing CARES Act payments for non-tax filers," Peterson wrote.