• The US Secret Service has identified criminal actors targeting state unemployment funds using personal information stolen from Americans
• Some of the criminals are connected to a sophisticated Nigerian crime ring and could have already stolen hundreds of millions of dollars, according to a Secret Service memo first reported by security researcher Brian Krebs.
• The fraudsters took advantage of states struggling to process a flood of jobless claims amid the Covid-19 pandemic and related government shutdowns. 
• They primarily targeted the state of Washington, and there's also evidence of attacks in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming, and Florida.

As states struggle with an unprecedented flood of jobless claims amid the Covid-19 pandemic, cyber criminals are targeting unemployment insurance sites with fraudulent claims in order to illegally siphon money, according to the US Secret Service.

More than 36 million Americans have filed for unemployment in the past eight weeks as coronavirus-related shutdowns lead to layoffs across the US. Meanwhile, states have struggled to meet the high demand with limited staffing and archaic unemployment websites — and criminals have taken advantage of the chaos.

A Secret Service spokesperson confirmed to Business Insider on Monday that the agency's electronic crimes task force had identified "criminal actors targeting state unemployment insurance program funds" using stolen personal information.

"Criminals will use stolen personally identifiable information ... to file fraudulent state unemployment claims. Crooks will then use social engineering techniques to recruit unsuspecting individuals to launder illicitly obtained funds in order to conceal the identity, source and destination," the spokesperson told Business Insider.

The Secret Service circulated a memo last week warning that the criminals appear to be connected to a Nigerian crime ring and may have already stolen hundreds of millions of dollars, security researcher Brian Krebs first reported. The memo said the fraudsters were primarily targeting the state of Washington, as well as North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming, and Florida.

The Washington state agency overseeing unemployment started to realize the extent of the fraud last week, when people who are still employed started calling to ask why they received confirmation of unemployment benefits, according to The New York Times.

In addition to using stolen credentials to fraudulently file for unemployment, the scammers reportedly also recruit "money mules," or people who transfer illegally obtained money on behalf of others to obscure the paper trail, according to the Secret Service.

The agency is warning states to remain on high alert for fraud schemes, noting that every state could be vulnerable.

Business Insider