International fraud ring steals billions of EDD money from California – CBS Los Angeles
LOS ANGELES (CBSLA) – More than $ 11 billion has been stolen from the State of California through a fraud by the Department of Employment Development.
Experts say much of this fraud was perpetrated by a very sophisticated and organized fraud ring based in Nigeria. The documents acquired by CBS2 show how easily crooks can trick the unemployment system by using how-to manuals they find on the dark web.
“I was like, ‘Oh my God, here we go, they hacked me,'” Michelle Turner told CBS2’s Kristine Lazar.
Turner was not surprised when his EDD account was emptied. She had seen fraud plague California all over the news. But that didn’t mean she was prepared to lose more than $ 6,000.
“To think it’s that easy,” she said. “In a second, they can take it all from you, in a second,” Turner said.
RELATED: 3 Women From Inland Empire Plead Guilty After Receiving $ 1.3 Million In Unemployment Benefits
Someone spent the money on three separate transactions in Florida. Michelle lives in San Bernardino. Fraud experts say thieves around the world have dug into California’s unemployment fund.
“A large majority of them are in places like West Africa, mainly Nigeria,” said Crane Hassold, director of threat research at Agari. “This is where the focal point of this fraud comes from.”
Hassold founded the FBI Cyber Behavioral Analysis Center. He says the majority of EDD frauds are committed by a Nigerian criminal network called Scattered Canary.
RELATED: Judge’s Injunction Orders BofA To Unfreeze EDD Accounts Suspected Of Fraud
“A lot of these crooks are younger and a lot of them are actually quite well educated,” Hassold said. “They have degrees and are coming out of college, and the problem is, there aren’t a lot of job opportunities in Nigeria.”
Hassold showed CBSLA a document he found in a chat on WhatsApp, which the crooks use to communicate. The 39-page manual contains step-by-step instructions on how to file a fraudulent EDD claim.
“And rank in a way that raises the fewest red flags,” Hassold said.
Everything that’s necessary ? A “fullz,” a slang term used by scammers that means a stolen identity name, date of birth, address, phone number, and social security number.
RELATED: Southland Residents Receiving Unemployment Insurance Must Actively Look For Work Starting July 11
“A lot of these people will just buy full identities on the dark web or underground forums for very, very cheap,” Hassold said.
For as little as a dollar, and the payoff is very lucrative.
“I think we’re going to reach tens, if not hundreds of billions of dollars when all is said and done here,” Hassold said.
Stopping this fraud is no easy task.
“We’ve always said in my team that you can stop dozens, if not hundreds of these guys and you’re really not going to make a dent,” Hassold said. “You need to do it differently and identify the accounts used to receive these funds and close them as quickly as possible.”
The problem is, EDD has very old technology. A 30-year-old computer system that uses technology created 60 years ago called COBOL.
“It’s inconceivable that they are supposed to be handing out billions and billions of dollars using technology that you can’t even find people to program on anymore,” said Haywood Talcove, CEO of Lexis Nexis Special Services, which helps to stop online fraud. “Impostor fraud is really easy to stop, and it’s stopped by banks, financial institutions and online retailers. “
But with EDD technology, Talcove said stopping fraud is a slow and tedious process.
“This morning I was on the dark web, and I was looking around for this interview, and there must have been over 850 people on the dark web talking about trying to break into the current system of the State of California, ”he said. mentionned.
As for Turner, she said Bank of America said it would take at least 60 to 90 days before she got her money back, but within a day of CBSLA contacting the bank, more than half stolen money was returned to his account. .
CBSLA contacted EDD, but did not receive an immediate response.