Los Angeles (CBSLA) – More than $ 11 billion was stolen from the state of California by fraud against the Employment Development Department.
Experts say a large part of this scam was committed by a very sophisticated and organized fraud ring based in Nigeria. Documents acquired from CBS2 show how easy it is for scammers to defraud the unemployment system using guides they can find on the dark web.
“I was like, ‘Oh god, let’s go, they hacked me,'” said Michelle Turner’s Kristine Lazar of CBS2.
Turner wasn’t surprised when her EDD account was empty. She had seen the California scam all over the news. But that doesn’t mean she was ready to lose more than $ 6,000.
“To think it’s that easy,” she said. “They can take anything from you in a second, in a second,” said Turner.
Someone spent the money on three separate Florida transactions. Michelle lives in San Bernardino. Fraud experts say thieves from around the world plunged into California’s unemployment fund.
“The vast majority of them are in places like West Africa, mostly Nigeria,” said Crane Hassold, Agari Director of Threat Research. “Hence the focus of this fraud.”
Hassold founded the FBI’s Cyber Behavioral Analysis Center. He says most of the EDD fraud is being perpetrated by a Nigerian criminal ring called Scattered Canary.
“Many of these scammers are younger, and many of them are quite well educated,” said Hassold. “You’ve got a degree and you’re out of college and the problem is that there aren’t many job opportunities in Nigeria.”
Hassold showed CBSLA a document he had found in a chat on WhatsApp and was communicating with the fraudster. The 39-page manual provides step-by-step instructions for filing a fraudulent EDD claim.
“And put it down in such a way that there are few warning signals,” said Hassold.
All that is needed? A “fullz,” a slang term used by scammers to mean a stolen identity name, date of birth, address, phone number, and social security number.
“Many of these people only buy their full identities very, very cheaply on the dark web or in underground forums,” said Hassold.
For just one dollar, and the payout is very lucrative.
“I think we’ll get into the high tens, if not 100 billion dollars when all is said and done here,” said Hassold.
Stopping this scam is not an easy task.
“We have always said on my team that you can arrest dozens, if not hundreds, of these guys and you really don’t make a dent,” said Hassold. “You need to do this differently and identify the accounts that will be used to receive these funds and close them as soon as possible.”
The problem with this is that EDD has very old technology. A 30 year old computer system that uses a technology that was developed 60 years ago called COBOL.
“It’s inconceivable that they would be expected to distribute billions and billions of dollars on technology that you can’t even find people to code for,” said Haywood Talcove, CEO of Lexis Nexis Special Services, which helps make online Stop fraud. “Fraud is really easy to stop and it is stopped by the banks, the financial institutions and the online merchants.”
But with EDD technology, fighting fraud is a slow and arduous process, according to Talcove.
“This morning I was on the dark web looking around in anticipation of this interview, and there had to be over 850 people on the dark web talking about trying to crack the current California state system,” he said.
Turner said Bank of America said it would take at least 60 to 90 days to get their money back, but within a day of CBSLA contacting the bank, more than half of the stolen money was returned to their account.
CBSLA reached out to EDD but did not immediately hear an answer.