Cyber-criminal Gang Canari Targets Texas Unemployment Claims Operator

Cyber-criminal Gang Canary Targets Texas Unemployment Claims Operator

According to CBS News, a gang of Nigerian cyber hackers known as Scattered Canary has provided step-by-step instructions on how to commit unemployment fraud in the state of Texas.

Scattered Canary cybercrime gang organization has already made millions from defrauding Hawaii, Florida, Massachusetts, North Carolina, Oklahoma, Rhodi Island, Washington, and Wyoming.

Now, a 13-page tutorial is being published about how the Texas Workforce Commission can be effectively defrauded.

Evidence seen by the CBS 11 I-Team proves that the detailed guide is shared online by hackers.

A copy of the document from a WhatsApp discussion group was obtained by an insider’s personal cybersecurity business Agari.

Crane Hassold, former FBI agent and now Director of Threat Research at Agari, has stated: 

“For these cyber-criminals it’s all about information flow. The tutorial shows how to apply for unemployment benefits and even introduces some of the red flags if you enter things a certain way.”

Since the beginning of the global COVID-19 pandemic, Texas has lost almost $893 million to bogus unemployment claims. Scammers from all around the world targeted the Texas Workforce Commission.

Scattered Canary Hassold said Scattered Canary hackers use Gmail to speed up their attack. Since Gmail ignores periods in addresses, small email address variances may be exploited to file several false claims without raising suspicion of state unemployment systems.

For example, if attackers file three claims with the address, the address, and the address, the system will not suspect all three are linked to one email account and owned by one person.

It allows for a much more efficient flow of communication:

“Instead of having to go to dozens of different email accounts to look at what’s going on, it’s all coming to one centralized location.”

Scattered Canary is suspected to purchase prepaid Green Dot cards as a way to funnel its false claims money offshore. These cards are purchased using identities that have been used during the fraud. The gang then goes online and drains the money from the account before the cards are delivered to them by mail.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.