IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Hackers Search for New Ways to Divert Colorado UI Checks

Cyber criminals are finding workarounds to steal unemployment checks after the state increased security. The scam involves official-looking emails and phone calls to steal user login information.

Digital fraud
(TNS) — The Colorado Department of Labor and Employment has made big strides in reducing fraudulent claims filed using stolen or fabricated identities. But that has pushed scammers in a new and more conventional direction: trying to steal the log-in information of claimants who have successfully passed the screen.

The phishing ploy involves sending out emails or making robocalls that claim to be from the CDLE or another official source. Some emails look like they're directly from MyUI, the official unemployment insurance site, and are providing an easier way to sign in.

Their intent is to snag the credentials needed to get into a legitimate account. Once inside, the criminals stealthily change the unemployed worker's direct deposit information to a bank or deposit account they control and pocket the weekly payment.

"They are trying to update as little as possible. They hope you don't notice it," said Phil Spesshardt, director of the state's division of unemployment insurance during a news call on Friday.

It isn't a scam that lasts long. People usually notice right away when the unemployment insurance payment doesn't show up, although some people take two weeks to catch on.

Rather than calling in and asking where the missing payment is, victims need to immediately check their bank routing information to make sure it wasn't changed. If it was changed, they need to file a fraud report on the CDLE's website. The problem is happening enough that the state has added a section for it.

Anyone who clicked on an email link or answered a robotic telephone call regarding their unemployment account should change their passwords immediately and also check to make sure the banking information hasn't changed, even if a payment hasn't gone missing yet, Spesshardt said.

So are the people who had their weekly payments swiped out of luck? Spesshardt said no. When a fraud report is filed, CDLE investigators will take up the case and do the work needed to make sure victims receive their payments. But that takes time, meaning the payments many people rely on to pay rent or buy groceries won't be there when needed.

"It becomes a laborious and time-consuming process. The work that has to be done there takes away resources from processing other claims," he said.

Hours of work are required to make up for the few seconds of indiscretion in handing over vital information. Spesshardt urges people to go directly to their MyUI page to sign in and never click on any links or other shortcuts offered.

©2021 The Denver Post, Distributed by Tribune Content Agency, LLC.
Special Projects
Sponsored Articles
  • How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.