Nigerian hackers swindle millions of dollars from unemployment systems
Seven states impacted by the organization’s exploits
From shutting down entire communities to being the catalyst of an impending recession, the impact of the coronavirus pandemic is sure to have a longlasting impact worldwide. Unfortunately, since the onset of the virus, hackers have looked to capitalize on it in many ways. Just this week, Agari identified a Nigerian cybercriminal organization that has been committing mass unemployment fraud across a number of states in the U.S.
According to reports, the Nigerian cybercrime group, better known as Scattered Canary, has been successful in stealing millions of dollars from U.S. employment systems. By using Gmail dot accounts, the group was able to mass-create accounts, which allowed them to create dozens of accounts on state unemployment websites and the IRS website geared towards processing CARES Act payments. States currently impacted by the group’s nefarious endeavors include Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington and Wyoming.
“As a result of our analysis, we have identified 259 different variations of a single email address used by Scattered Canary to create accounts on state and federal websites to carry out these fraudulent activities,” Patrick Peterson, Agari’s founder and CEO, shared in the report.
Thus far, Agari’s research has also identified multiple examples of fraudulent activity attributable to the Nigerian cybercrime group. Between April 15 and 29, Scattered Canary filed 82 fraudulent claims for CARES Act Economic Impact Payments. Since April 29, Scattered Canary has filed an additional 174 fraudulent claims for unemployment in the state of Washington.
Between May 15 and 16, Scattered Canary was also able to file 17 fraudulent claims for unemployment in Massachusetts. All the claims were accepted, though it’s unclear how much Scattered Canary received as a result.
To receive funds related to fraudulent claims, Scattered Canary has been using Green Dot prepaid cards. So far, Agari has identified 47 Green Dot accounts Scattered Canary used to receive fraudulent unemployment payments.
The Nigerian group is no stranger to fraudulent activity. According to Agari, Scattered Canary has a 10+ year history in fraudulent activity and has been involved in a range of scams, including unemployment, social security, disaster relief and student-aid-related fraud.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Evaluate your order-to-cash process
15 recommended metrics to benchmark your O2C operationsDownload now
AI 360: Hold, fold, or double down?
How AI can benefit your businessDownload now
Getting started with Azure Red Hat OpenShift
A developer’s guide to improving application building and deployment capabilitiesDownload now