Nigerian hackers swindle millions of dollars from unemployment systems

Seven states impacted by the organization’s exploits

From shutting down entire communities to being the catalyst of an impending recession, the impact of the coronavirus pandemic is sure to have a longlasting impact worldwide. Unfortunately, since the onset of the virus, hackers have looked to capitalize on it in many ways. Just this week, Agari identified a Nigerian cybercriminal organization that has been committing mass unemployment fraud across a number of states in the U.S.

According to reports, the Nigerian cybercrime group, better known as Scattered Canary, has been successful in stealing millions of dollars from U.S. employment systems. By using Gmail dot accounts, the group was able to mass-create accounts, which allowed them to create dozens of accounts on state unemployment websites and the IRS website geared towards processing CARES Act payments. States currently impacted by the group’s nefarious endeavors include Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington and Wyoming. 

“As a result of our analysis, we have identified 259 different variations of a single email address used by Scattered Canary to create accounts on state and federal websites to carry out these fraudulent activities,” Patrick Peterson, Agari’s founder and CEO, shared in the report.

Thus far, Agari’s research has also identified multiple examples of fraudulent activity attributable to the Nigerian cybercrime group. Between April 15 and 29, Scattered Canary filed 82 fraudulent claims for CARES Act Economic Impact Payments. Since April 29, Scattered Canary has filed an additional 174 fraudulent claims for unemployment in the state of Washington. 

Between May 15 and 16, Scattered Canary was also able to file 17 fraudulent claims for unemployment in Massachusetts. All the claims were accepted, though it’s unclear how much Scattered Canary received as a result.

To receive funds related to fraudulent claims, Scattered Canary has been using Green Dot prepaid cards. So far, Agari has identified 47 Green Dot accounts Scattered Canary used to receive fraudulent unemployment payments.

The Nigerian group is no stranger to fraudulent activity. According to Agari, Scattered Canary has a 10+ year history in fraudulent activity and has been involved in a range of scams, including unemployment, social security, disaster relief and student-aid-related fraud.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021
Capcom data breach adds another 40,000 estimated victims
data breaches

Capcom data breach adds another 40,000 estimated victims

13 Jan 2021

Most Popular

Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021