Florida woman’s unemployment account locked after cyber thief gets away with benefits

Victim owed more than $6,000 in unemployment funds

A leasing agent handling properties near the University of Central Florida campus has been waiting three months to collect unemployment after cyberthief collected state benefits in her name while she was still working.

Lisa Woehler said her employer was alerted by the Florida Department of Economic Opportunity in January that someone had applied for benefits using her name.

“It was scary because they had my phone number right, my name, driver’s license and social security number,” Woehler said. “Within 10-days they applied and got it!”

However, on March 26 Woehler was laid off and to this day has been unable to apply for unemployment benefits because her DEO account was locked because of the thief.

“I’ve been dealing with this since March 26, trying to get the fraudulent claims off (her DEO account) so I can file my legit claim,” she said.

Fraud has become a major issue for the DEO as cyber thieves have been using computer programs and so-called automated bots to crack thousands of existing DEO Connect accounts.

As News 6 first reported, the Department discovered “malicious actors were targeting claimant accounts via the CONNECT public claimant portal.”

According to the DEO, a total of 57,920 claimant accounts were targeted. These targeted accounts may have been accessed by an unauthorized party. This activity may have occurred between April 27 and July 16. The agency told News 6 there is no evidence of any other unauthorized access and no indication of related malicious activity on the department’s internal networks.

The DEO has roughly 270-thousand accounts locked in response to potential and confirmed fraud.

News 6 has been working with the DEO to update and unlock Florida unemployment accounts that have been infiltrated. In some cases funds have been redirected to phantom bank accounts.

In Woehler’s case, the funds were first issued to a state debit card then the thief added a checking account with Wells Fargo.

A spokesperson with Wells Fargo confirmed the account holder was not a bank customer and in fact, many of these cases involve so-called ACH or Automated Clearing House, accounts. An ACH is a network used to electronically move funds between bank accounts across the U.S.

So far, News 6 has confirmed six banks, including Compass, Chase, Huntington National Bank, Regions, TD Bank and Wells Fargo, have been used as hosts for these phantom accounts.

Because the holders are not bank customers we are unable to confirm who is using the accounts.

Orlando Secret Service Forensics Supervisor Drew Bazemore said incidents of thieves using ACH accounts to replace established accounts in Connect is “not going to let up.”

“As you see, these types of attacks and these account takeovers, the bad guys are moving the money into accounts they control,” Bazemore said.

DEO spokesperson Andrew Nixon said the fraud division is reviewing Woehler’s account and hopes to have her funds issued soon.

If you have an unemployment issue email makeendsmeet@wkmg.com or text make ends meet to 407-676-7428.

Remember to send a screenshot of your DEO account and include the claimant number, monetary status and any notes from the DEO.

About the Author:

News 6’s Emmy Award-winning Investigative Reporter Mike Holfeld has made Central Florida history with major investigations that have led to new policies, legislative proposals and even -- state and national laws. If you have an issue or story idea, call Mike's office at 407-521-1322.