The New Jersey Cybersecurity and Communications Cell (NJCCIC) warns of a new threat that can potentially affect millions of people. As a result of the COVID-19 ongoing pandemic, threat actors are trying to cash in by targeting individuals looking for financial relief. These malicious actors are using fraudulent emails, websites, and robocalls to target the unemployed and underemployed in order to steal their identities and intercept their relief payments, including unemployment benefits.
Many states across the US are overwhelmed with fraudulent unemployment applications and claims. The NJCCIC has reported that it has received several reports from members over the last several weeks detailing unemployment insurance fraud, referencing false emails claiming to be related to NJ unemployment with a COVID-19 lure. These emails may contain supposed job vacancies to convince the target to respond with personal or financial information, click links to fraudulent employment websites, or open attachments claiming to be resumes or other employment information. The cybersecurity threat actors are impersonating HR recruiters and are creating a sense of urgency by presenting a soon-to-expire offer that is “too good to be true.”
As a whole, during the pandemic, there has been a substantial increase of phishing attacks, impersonations, data breaches, access to stolen identities and fraud handbooks via dark web marketplaces, and malware attacks against vulnerable IT systems.
The NJCCIC is providing the following guidance:
The NJCCIC recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. Users are advised to avoid clicking links and opening attachments from unknown senders and exercise caution with emails from known senders. If you are unsure of an email’s legitimacy, contact the sender via a separate means of communication – such as by telephone – before taking any action. Navigate to websites directly by manually typing the URL into a browser, instead of clicking on links delivered in emails, to ensure you are visiting the legitimate website. In addition, we advise job seekers to research potential employers and businesses before responding or providing sensitive information. Please review the NJCCIC’s Compromised PII: Facilitating Malicious Targeting and Fraudulent Activity for more information on PII, identity theft, recommendations, and credit freezes. We encourage reporting unemployment fraud if there is suspicion that someone is claiming NJ unemployment benefits illegally. Cyber-related incidents may be reported to the NJCCIC via the Cyber Incident Reporting Form.
powersolution.com is an active participating member of the NJCCIC.