We’re elevating our look: Bridge unveils new brand and immigration platform
Press Release
Back to Blog

I-9 Phishing Scam Hits Employers

Bridge Team Member

As an employer, you’re already familiar with Form I-9, which is used by the United StatesCitizenship and Immigration Services (USCIS) for Employment EligibilityVerification. Employers must maintain a properlycompleted Form I-9 for every employee whom they hire to work in the U.S. –whether citizen or noncitizen. This process demands that both you as theemployer and each of your employees complete the form in tandem and that eachof your employees present you with USCIS-accepted documentation that bothverifies the employee’s identity and authorization to work in the country. 

That’s the easy part. The hitch is that thereis a Form I-9 email scam circulating that is purportedly from the USCIS butthat is decidedly not. While the USCIS did ever-so-quietly post a Scam Alert onits What’s New page onOctober 25, 2017, this fraudulent email scheme otherwise garnered very littleattention.  

The emails in question are in request of FormI-9 information, which is naturally highly personal and sensitive employeeinformation. In its What’s New post,the USCIS guarantees employers that it does not request Forms I-9 or Forms I-9information via email correspondence. Instead, employers must retain the formsthemselves and must make them available for inspection if requested to do so by the DHS, IER, or DOL. 

ThePhishing Expedition

This phishing scam reportedly originates froma fraudulent email address, news@uscis.gov, and that the emails often includethe official labels of the USCIS and the Office of the Inspector General –along with a download button that links to a web address that is not associatedwith the U.S. government, uscis-online.org. 

The current climate of uncertainty related toimmigration lends this Form I-9 scam a dash of perceived validity. Immigrationpolicy under the new administration – including but not limited to policyrelated to Dreamers, sanctuarycities, the asylum system, the travelban, the proposed border wall, and heightened scrutiny for H-1B visarenewals –  has entered some murkyterritory of late, and it’s not a huge leap to imagine that the USCIS mighthave shifted some of its information-gathering policies. 

They have not. 

What toDo if You’ve Been Scammed

Per the USCIS, if you have been targeted bythis scam, you should notify the FederalTrade Commission. In situations where you’re unsure whether or not theemail you received is a scam, you’re encouraged to forward the email to the USCIS webmaster. The USCIS willreview the email and notify law enforcement when needed.

The USCIS encourages employers to visit its Avoid Scams Initiative for moreinformation. 

How to ProtectYour Data

Recently, massive data breaches in goliathcompanies have been getting plenty of press. It’s important to remember,however, that small to medium-sized companies are also frequent targets of such breaches.

A 2015 study by the Wall Street Journal found thatthe most common cause associated with data breaches is employee error. Further,findings suggest that your cyber security is only as robust as the weakest linkwith access to your closely held information. Ultimately, the employeeinformation sought by this Form I-9 scam is among your most-sensitive data,and as an employer, it’s important to stay vigilant and aware of where yourcompany is vulnerable.

Although this email scam hasn’t received anoutpouring of attention, it highlights the fundamental importance of tighteningsecurity as it relates to critical records. You can better protect yourselffrom data breaches by ensuring that employees with access to sensitiveinformation are trained to recognize and report suspicious correspondence.

Should you have any questions about how this impacts your business or employees, please do not hesitate to reach out to us at support@bridge.us.

Disclaimer: This content is not a form of legal advice and should not be treated as a substitute for legal counsel. Bridge US encourages readers to discuss any and all immigration-related concerns with an attorney.

Tags:

More from the Blog

You've made it through a New Season of H-1B Cap Registration, Now What?

As we wrap up the H-1B cap registration window, which ended at noon eastern time on March 20th, find out what the next steps are for employers and how you can find out if your applicant was selected or denied.

Read Story

Webinar: U.S. Immigration in the Age of Coronavirus

Join us March 30th 10am PST/ 1pm EST as our partnering law firm, Immipartner, and other experts talk about how the immigration landscape is changing in the face of travel bans and restrictions during the age of coronavirus, presented by Nova Credit.

Read Story

Posting Your LCA Electronically? Here is What You Need to Know.

Immigration is finding alternative ways to shift to COVID-19 and account for employees who are now working from home. For some employment-based visas, one of these options is pursuing The Department of Labor’s (DOL) alternative to posting electronic notices instead of displaying notices in the workplace to meet the Labor Condition Application requirement.

Read Story