Looking for COVID-19 Resources? Bridge is here to help!
Back to Blog

I-9 Phishing Scam Hits Employers

Bridge Team Member

As an employer, you’re already familiar with Form I-9, which is used by the United StatesCitizenship and Immigration Services (USCIS) for Employment EligibilityVerification. Employers must maintain a properlycompleted Form I-9 for every employee whom they hire to work in the U.S. –whether citizen or noncitizen. This process demands that both you as theemployer and each of your employees complete the form in tandem and that eachof your employees present you with USCIS-accepted documentation that bothverifies the employee’s identity and authorization to work in the country. 

That’s the easy part. The hitch is that thereis a Form I-9 email scam circulating that is purportedly from the USCIS butthat is decidedly not. While the USCIS did ever-so-quietly post a Scam Alert onits What’s New page onOctober 25, 2017, this fraudulent email scheme otherwise garnered very littleattention.  

The emails in question are in request of FormI-9 information, which is naturally highly personal and sensitive employeeinformation. In its What’s New post,the USCIS guarantees employers that it does not request Forms I-9 or Forms I-9information via email correspondence. Instead, employers must retain the formsthemselves and must make them available for inspection if requested to do so by the DHS, IER, or DOL. 

ThePhishing Expedition

This phishing scam reportedly originates froma fraudulent email address, news@uscis.gov, and that the emails often includethe official labels of the USCIS and the Office of the Inspector General –along with a download button that links to a web address that is not associatedwith the U.S. government, uscis-online.org. 

The current climate of uncertainty related toimmigration lends this Form I-9 scam a dash of perceived validity. Immigrationpolicy under the new administration – including but not limited to policyrelated to Dreamers, sanctuarycities, the asylum system, the travelban, the proposed border wall, and heightened scrutiny for H-1B visarenewals –  has entered some murkyterritory of late, and it’s not a huge leap to imagine that the USCIS mighthave shifted some of its information-gathering policies. 

They have not. 

What toDo if You’ve Been Scammed

Per the USCIS, if you have been targeted bythis scam, you should notify the FederalTrade Commission. In situations where you’re unsure whether or not theemail you received is a scam, you’re encouraged to forward the email to the USCIS webmaster. The USCIS willreview the email and notify law enforcement when needed.

The USCIS encourages employers to visit its Avoid Scams Initiative for moreinformation. 

How to ProtectYour Data

Recently, massive data breaches in goliathcompanies have been getting plenty of press. It’s important to remember,however, that small to medium-sized companies are also frequent targets of such breaches.

A 2015 study by the Wall Street Journal found thatthe most common cause associated with data breaches is employee error. Further,findings suggest that your cyber security is only as robust as the weakest linkwith access to your closely held information. Ultimately, the employeeinformation sought by this Form I-9 scam is among your most-sensitive data,and as an employer, it’s important to stay vigilant and aware of where yourcompany is vulnerable.

Although this email scam hasn’t received anoutpouring of attention, it highlights the fundamental importance of tighteningsecurity as it relates to critical records. You can better protect yourselffrom data breaches by ensuring that employees with access to sensitiveinformation are trained to recognize and report suspicious correspondence.

Should you have any questions about how this impacts your business or employees, please do not hesitate to reach out to us at support@bridge.us.

Disclaimer: This content is not a form of legal advice and should not be treated as a substitute for legal counsel. Bridge US encourages readers to discuss any and all immigration-related concerns with an attorney.


More from the Blog

Travel to US from India banned to limit COVID-19 spread

Last month, President Joe Biden imposed new travel restrictions on India in light of the COVID-19 epidemic, barring most non-US citizens from entering the United States. The proclamation, signed by the President on April 30 and took effect on May 4, outlines the scope of the suspension and the limitations to entry into the US. Basically what this means is that until further notice, those travelers impacted by the proclamation won’t be permitted to enter the US until they have been absent from India for the past 14 days.

Read Story

Changes to H-1B Lottery Selection Process

USCIS published a final rule changing the H-1B cap-subject selection process (“H-1B Lottery”). Find out the changes to this rule and what you can expect.

Read Story

Trump's Final Days: AILA's Prediction on Proclamations and Regulatory Actions

It is widely anticipated the Trump administration will publish as many final regulations and extensions of proclamations as possible before January 20th to make longer-lasting policy changes. Learn more about AILA's predictions regarding employment-based immigration policies.

Read Story