U.S. Department of Labor Inspector General Larry Turner says he believes American taxpayers may have lost as much as $163 billion in COVID-19 pandemic unemployment benefits to fraud, an amount roughly equal to the entire state budgets of Texas and Ohio combined.

And that is the good news.

Last June, identity fraud experts were projecting that as much as $400 billion of the emergency relief might be stolen via fraud.

During a March 2022 hearing of the Senate Committee on Homeland Security and Governmental Affairs Chairman Gary Peters (D-Mich.) said, “Instead of a thorough examination of an applicant’s eligibility, many programs substituted this requirement with quicker self-reported information, which contributed to funds mistakenly being sent to deceased individuals; ineligible applicants, for fraudulent criminal schemes.”

According to Woody Talcove, CEO of LexisNexis Risk Solutions – Government, the identity fraud loss rate in the private sector is about 0.32 percent. The fraud rate for unemployment insurance is currently estimated at 18.71 percent, the highest of any government benefits program.

Talcove believes about 70 percent of the benefits lost to identity theft went to criminals in places like China, Nigeria, Romania, and Russia, which took advantage of lax screening by government agencies.

Brett Johnson, a cyber-crook turned cybersecurity expert referred to by the United States Secret Service as ‘The Original Internet Godfather,’ tells InsideSources the passage of the CARES Act not only expanded unemployment eligibility but also decreased barriers to fraud.

“There was no security in place for six months,” Johnson said. “State unemployment offices had never really seen any fraud before. There was some fraud, but not at scale, and not with the type of attackers that had been hitting them.”

According to Johnson, the skills needed for credit card fraud translated well for unemployment insurance fraud. Simple-to-implement safeguards such as looking at an applicant’s history within the state, checking a device’s location when the application was made, and seeing whether or not the site was accessed from TOR— a dark web browser — were not used.

Among the states with the largest losses is California, where the state’s Employment Development Department reports $20 billion lost to fraud since the start of the pandemic.

According to Talcove, the real loss in California is closer to $40 billion.

The crooks hit smaller states, too.

“An early review in Nebraska, which looked at all statewide payments through June, found roughly 66 percent of unemployment money was misspent,” NBC News reports.

In December, Oluwaseyi Akinyemi, a Nigerian national operating out of Maryland, pleaded guilty to multiple charges of stealing COVID-19 unemployment fraud. Akinyemi was ripping off senior citizens, then used their personal information to also file fraudulent unemployment claims during the pandemic emergency.

“In total, Akinyemi and his co-conspirators used the identities of 19 real individuals to file fraudulent unemployment insurance and [other] claims,” according to the Maryland U.S. Attorney’s office, with an “intended loss of $250,000 in state and federal benefits.”

Of the $163 billion (and counting) in COVID-related unemployment benefits lost or stolen, just $800 million has been recovered, according to Talcove.

“What’s the difference between the public sector and the private sector? It’s really simple; if there’s $200 billion in fraud in the private sector then the money is lost. Somebody has to pay. But if the State of Pennsylvania loses $10 billion in fraud, what do they do? They just print more money,” Talcove said.

“There’s a program integrity issue that needs to be addressed in this country.”

Matt Albence is former acting director of U.S. Immigration and Customs Enforcement (ICE), and he sees it as part of the ongoing evolution of international criminals seizing opportunities created inside the U.S.

“This is another example of the need for public-private partnerships. Criminals are smart and rapidly change their operations to exploit situations for their own profit. It happened when COVID-19 swept across the country and criminals flooded the market with counterfeit PPE, and it happened again when criminals found they could take advantage of government relief,” said Albence, who is now the spokesperson for the anti-fraud organization “United to Safeguard America from Illegal Trade (USA-IT). “If industry and government are siloed in their efforts, criminals will continue adapting and evolving—and we will continue to pay the price.”

Technology has also made it easier for criminals to steal from the U.S. government without ever crossing the border. The mobile app “Telegram” – originally a Russia-based social media app — means the would-be fraudsters don’t even need to be tech-savvy.

According to Johnson, anyone can join a Telegram channel just by searching the proper keywords.

“When unemployment fraud was actually hitting really hard during the pandemic you had 16-year-olds on Telegram bragging about stealing $60,000 a week,” Johnson said. “They would show the receipts and take videos of the stacks of cash they were pulling in. You’ve got a lot of people bragging on Telegram and sharing their techniques.”

Collaboration is sometimes crucial amongst criminals, especially for those not in the same geographic region as where they are scamming, Johnson said.

“For a cybercrime to be successful, three things need to take place, you need to collect data, commit the crime, and cash it out,” Johnson said. “One single criminal can rarely do all three.”

With a large portion of the unemployment fraud occurring in Ukraine, stateside money mules were hired to funnel the money. They were given a cut of around 40 percent, according to Johnson.

All of that could have been avoided, he says, if states had utilized security measures found in the private sector from the jump.

“There were all types of ways you could have defeated this,” Johnson said. “It’s not rocket science, it’s never rocket science with this stuff.”