Identity Theft Spikes Due to COVID-19 Relief


Cases reported to the FTC more than doubled last year as cybercriminals took advantage of increased filing for government relief benefits due to the pandemic.

Cases of identity theft in the United States doubled in 2020, mainly due to cybercriminals taking advantage of people affected economically by COVID-19 who filed to receive government benefits.

This is according to the Federal Trade Commission (FTC), which received about 1.4 million reports of identity theft last year, according to a blog post published Monday, when the commission kicked off its annual “Identity Theft Awareness Week.” In it they disclosed that in 2020, there were 394,280 reports of government benefits fraud compared with only 12,900 reports in 2019, an over 30x increase with most of them involving people filing for unemployment benefits.

Who is doing this?

In one such high-profile case, Rapper Fontrell Antonio Baines. who goes by the stage name Nuke Bizzle, boasted about perpetrating exactly this crime in his music video EDD – a reference to the California Employment Development Department.

The video shows Nuke Bizzle and his cohorts collecting EDD envelopes from various mailboxes, filing fraudulent claims on a laptop and spending wads of cash. Bizzle was subsequently arrested and ordered to stand trial in a U.S. District Court in Los Angeles.


Seasoned cybercriminals have also aimed to cash in on COVID-19-related unemployment claims, with more success than the ill-fated rapper. For instance, the highly organized Nigerian cybergang Scattered Canary stole millions in business e-mail compromise (BEC)-related fraudulent claims made on the online unemployment websites of eight U.S. states, according to a report released last May.

Small Business COVID-19 Fraud

Government-sponsored small-business loan programs also experienced a rise in identity-theft crimes. 99,650 cases of fraud were reported to the FTC that involved business or personal loans, more than double the 43,920 reports in 2019

Small businesses were those most dramatically affected by the COVID-19 economic shutdowns due to the pandemic, most business owners filed for some form of economic assistance, many fell prey to cybercriminals.

Taxpayer Data and Stimulus Checks

Cybercriminals have also been using identity theft to illegally obtain government stimulus checks, more than tripling the number of tax-fraud cases last year, 89,390 compared to 27,450 in 2019.

Tax-based identity theft has been a popular, common strategy used by cybercriminals to steal people’s yearly tax-return payments. But last year the number of tax fraud cases swelled once the stimulus payments began. Hacker forums had an increase in buying and selling taxpayer data around the time the COVID-19 relief package was announced, alongside the usual phishing and other campaigns typically used to steal annual tax payouts.

The Takeaway

The FTC has resources and free events on the topic of identity theft, scams and and tips to consumers and business owners. For example, they’re hosting Identity Theft Awareness Week to help us learn about things we can do to reduce our risk of cybercrime.

Be sure to check haveibeenpwned.com and the newly released cybernews.com personal data leak check website to see if your personal information has made it’s way for sale onto the Darkweb. The searches are free, and if your credentials are out there, be sure to:

  1. Change the passwords for all of your accounts that use the leaked email addresses

  2. Get and USE a reliable password manager (such as Keeper or LastPass) to generate strong passwords and protect your accounts, especially if the credentials are for a business.

  3. Enable two-factor authentication (2FA) on any on-line services that offer them. This added layer of protection ensures that even if the password is leaked, cybercriminals won’t be able to access the account.

Having an employee cybersecurity awareness program for your company is key compliance requirement and a significant part of practicing good cyber hygiene. It prevents company credentials from ending up on the Darkweb and from employees falling victim to scammers and cybercriminals who are undoubtedly already using credentials already in the wild to try to bamboozle staff into giving them access to your network. If you’re interested in learning more about how to better protect your organization, feel free to reach out, we can help.

Stay safe out there

-A