How to Protect Your Identity: Widespread Unemployment Fraud Identified in Ohio

Date January 29, 2021
Article Authors

According to The Ohio Department of Job and Family Services (ODJFS), a number of Ohioans who didn’t register for unemployment benefits in 2020 will be receiving a 1099-G form from the State saying they did receive benefits and stating the amount. If you are among them, you are likely the victim of a fraudulent unemployment claim, a type of identity theft resulting from what is known as a Social Engineering Attack. Cybercriminals use phishing (emails), smishing (texts) or vishing (phone/voicemail) to steal your identity, then use it to file fraudulent unemployment claims.

If you believe you are a victim of unemployment fraud, file with the ODJFS at https://unemploymenthelp.ohio.gov/. The site provides a link to “Report Identity Theft” and offers detailed information in a section titled “ID Theft: What To Do.”

To protect yourself from Social Engineering Attacks, we recommend:

  1. Don’t give your Social Security number to someone you don’t know. No government agency or legitimate organization will request your Social Security number via email, text message or telephone.

  2. Scrutinize messages containing urgent requests.

  3. Study the message for subtle misspellings or replacements of letters with numbers.

  4. Use the “hover over” technique on a hyperlink in an email, then examine the URL you find there for the actual website/entity that will process the request.

  5. Verify the request via a different method, such as a phone call or online chat instead of a message reply.

  6. Never rely on the contact information or account numbers provided in the message!


Other ways to protect your identity (not an all-inclusive list):

  1. Review your annual free credit report via the Annual Credit Report website.

  2. Regularly monitor your credit cards online.

  3. Enable two-factor authentication for all your online financial and medical accounts.

  4. Consider freezing your credit files (Equifax, Experian and Trans Union).


Find additional email security recommendations in our article at: http://hbkcpa.com/cybersecurity-social-engineering-email-security-recommendations/

Speak to one of our professionals about your organizational needs

"*" indicates required fields



Cybersecurity Insurance – How Will Your Coverage Stand Up to a Claim?

Date September 1, 2020
Article Authors

Cybersecurity attacks have become all too common. Some optimists still believe the attacks won’t happen to them, but realists are taking measures to reduce their chances and mitigate their damages of becoming victims.

According to this year’s IBM/Ponemon Institute “Cost of a Data Breach Report,” the average cost per compromised company record for 17 industries was $161—a high of $429 for the healthcare industry and a low of $78 for the public sector. A company spending the industry-wide average of $161 multiplied by as few as 625 impacted data records would take a financial hit of over $100,000. As well, a forensic investigation resulting from a ransomware attack where no data is stolen could easily cost a business $60,000 to $80,000, as Joe Brunsman of Chesapeake Professional Liability Brokers told us in our HBK Risk Advisory Services August 26 webinar. (Listen to our webinar on Cybersecurity Insurance Assessments.)

Your effort to improve your cybersecurity posture should include implementing a defense-in-depth strategy with your cybersecurity insurance policy serving as your backstop. But not all cybersecurity insurance is the same. As we learned during last week’s webinar: there are almost 200 different cyber policies. Some cover costs pertaining to legal, computer forensics, data restoration, legal, and/or public relations. You should work with a specialist to ensure that you have the right policy for your business. Will your policy stand up to a substantial claim?

HBK Risk Advisory Services can help you determine how well your cybersecurity insurance policy will perform when you need it. Moreover, we can help you develop and implement a cybersecurity program that fits your organization’s risk appetite and budget. We also offer Security Awareness Training featuring phishing simulations, IT security policy development and risk and readiness assessments.

Call us at 330.758.8613, or email me at wheaven@hbkcpa.com for more information. As always, we’re happy to answer your questions and discuss your concerns.

Speak to one of our professionals about your organizational needs

"*" indicates required fields