For the past two decades, Liz Birenbaum's 88-year-old mother, Marge, has received her Social Security check on the second Wednesday of every month. It's his only source of income, which pays for his room at a long-term care facility where he landed after suffering a stroke last October.
As the deposit did not arrive in January, they logged into the margin Social Security AccountThere they found some startling clues: the last four digits of a bank account number at a bank they didn't recognize, which didn't match his own number.
“Someone had broken in,” said Ms. Beerenbaum, of Chappaqua, N.Y., “and then I hit a panic button.”
It soon became clear that a fraudster had diverted the $2,452 benefit to an unknown Citibank account. Marge lives in Minnesota and has never banked there. (Ms. Birenbaum requested that her mother be referred to by her first name only to protect her from future fraud.)
Ms. Beerenbaum immediately began making calls to try to fix things. When she finally got through to a Social Security representative from the local office in Bloomington, Minn., the representative casually noted that this happens “all the time.”
“I was stunned,” Ms. Beerenbaum said.
Social security-Affiliation scams, overall, are widespread – fraudsters pose as employees trying to extract both money and valuable identifying information from a wide variety of people. Developing projects. But this particular scam — where criminals use stolen personal information to log into online Social Security accounts or create new ones and divert benefits — has hit people the hardest. A decade.
Once fraudsters gain access to someone's online Social Security account, they can change the beneficiary's address and direct deposit information or request replacement cards.
Almost everyone is a potential target. The Social Security Administration sends checks 70 million Beneficiaries, including pensioners and the disabled, nearly $120 billion each month. According to the Social Security Administration's anti-fraud officials, 2,000 beneficiaries had their direct deposits diverted last year.
It can be a lucrative scam and a devastating one to lose. An estimated $33.5 million in benefits — for roughly 21,000 beneficiaries — were diverted over a five-year period ending in May 2018, according to a recent audit by the Office of the Inspector General, an independent panel agency that oversees investigations and audits. Another $23.9 million in fraudulent diversions were prevented from occurring during the same period.
“The fraudsters were able to obtain enough information about the real beneficiary to convince the Social Security Administration that they were that beneficiary,” said Jeffrey Brown, the office's deputy assistant inspector general. Inspector GeneralWho did the analysis? Release in 2019. “Once they were at the front door, they were able to convert their direct deposits.”
Social Security-related fraud increased during the pandemic, According to the OIG Officials forced people to rely on the agency's online services while Social Security offices were closed to the public.
The Federal Trade Commission, which collects self-reported complaints from consumers, said more than 7,600 people said their benefits were diverted between 2019 and the end of 2023, an improvement in the process last year.
“Many consumers let us know that they discovered their direct deposit was diverted to another account or to a fraudulent account,” said Maria Mayo, associate director of the FTC's Division of Consumer Response and Operations. “A lot of times they say they got a scam call, they gave out their information, and they believe that information was used to divert a benefit.”
In another twist, nearly 6,100 fraudulent claims last year, or 0.3 percent of all pension claims initiated online, involved criminals who filed for benefits on the earnings records of Americans who had reached retirement age but had not yet claimed benefits. Social Security Fraud Prevention officials said.
Criminals collect the personal identification information they need in a variety of ways, which they then use to break into government accounts or create fraudulent ones. You need a Social Security number to establish an online account with the agency, but you don't need the full nine digits to open an existing one.
Amy Nofziger, assistant director of victim fraud at the AARP Fraud Watch Network, recently scanned her database of cases and found a handful of victims who had their Social Security number stolen by a third party within the past six months. An unsuspecting person promised insurance subsidies to a fraudster. Another criminal posed as a representative of the victim's bank. In another case, the scammer pretended to call from a credit bureau to verify the victim's Social Security number.
Sometimes identity thieves pretend they're calling from a doctor's office, and in other cases they can compromise a person's device and collect valuable information like passwords or other personal details.
As the various parts of a person's identity are collected, fraudsters can turn to marketplaces on the dark web, where personally identifiable information — often stolen through security breaches — is up for sale.
Pam Dixon, executive director of the World Privacy Forum, a research group focused on data governance and security, said people living in medical or assisted living facilities are also often victims of these crimes. “This is one of the ugliest forms of identity theft,” he added.
A few months before Marge's benefits were diverted, the OIG issued A statement The administration's portal, called My Social Security, said it did not fully comply with federal requirements for identity verification: In all cases, it did not go far enough to verify and verify the identities of new enrollees. And once an account is established through an account Two identity verification portalsThe agency doesn't require users to verify their identities using strong enough evidence (such as claiming a driver's license with a selfie) as needed to access my Social Security account.
This isn't the first time independent investigators have found flaws Date again Introduction of my social security portal in 2012. The Office of the Inspector General recommended improvements to its digital identity verification process in 2016, and while the agency had made several improvements, OIG officials said it was not fully compliant when they released it. Latest audit in 2023.
Since the portal was launched, the Social Security Administration said it has implemented several of the office's recommendations, including adding a fraud analysis team for investigations. The agency has updated its identity verification process to respond to emerging threats, and plans more updates.
“Our office conducts continuous analysis of online transactions, and we look for anomalous behavior, and when we see new characteristics, we flag them and implement additional controls to prevent fraudulent behavior,” said Assistant Deputy Commissioner for Analytics Joe Lopez. Inspection and Supervision in Social Security.
“The ecosystem is always evolving, and we adapt our models as needed.”
The Social Security Administration is mailing notices to beneficiaries asking them to contact the agency if they don't recognize the latest change in their direct deposit information, preventing millions of dollars in benefits from being diverted and lost, OIG officials said. Can also block changes to accounts.
It would have been impossible for someone like Marge to fix this problem on her own. Ms. Birenbaum, a marketing consultant, and her brother, who live near their mother in suburban Minneapolis, worked together to recover benefits and protect Marge's account.
Ms. Birenbaum — who reported the crime to the OIG and the FBI and alerted his state and federal representatives — once put the Social Security Administration on hold for two and a half hours before connecting with a regional case worker. The representative was able to see that her mother's direct deposit information had been changed in early December, the month before the benefits disappeared.
Mrs. Beerenbaum's brother went to their mother's local social security office and became Marge.Representative Payee,” which allows him to handle his affairs (not assuming Social Security attorney powers). They had to find ways to make amends without bringing Marge into the office, a “difficult task,” Ms. Beerenbaum said.
Marge received the missing money on March 1, a month and a half after they found it.
“For her, it ended on a happy note, but for many people who don't have lawyers every day, cybercriminals win,” Ms. Beerenbaum said.
How to Protect Yourself from Social Security Fraud
Consider locking your accounts. Create a My Social Security accountBut then add a E-Services Vol, a feature that prevents anyone, including you, from viewing and changing your personal information online. You will need to contact your local office to remove it.
Another feature, Direct Deposit Fraud Prevention, prevents you from signing up for Direct Deposit or changing your address or Direct Deposit information through your online account or financial institution. To make any changes or remove the block, you must contact the local office.
Don't believe, check. If your phone's caller ID says “Social Security Administration,” don't believe it—the number could be spoofed and just the agency. Calls Beneficiaries in limited circumstances. Call the agency back at its mainline at 1-800-772-1213 or call the local site through Office location.
Report Suspicious Scams And Fraud want Office of the Inspector General website Or call 1-800-269-0271.
contact Federal Trade Commission If you suspect someone has used your personal information By Its website Or call 1-877-IDTHEFT (1-877-438-4338).
Review of Social Security Administration Resource page How to spot scams
