How reCAPTCHA Enterprise protects unemployment and COVID-19 vaccination portals

Innovating and experimenting in EMEA’s Public Sector: Lessons from 2020-2021
May 11, 2021
Azure webinar series: Technical Overview: Monitoring Windows Virtual Desktop
May 11, 2021
Innovating and experimenting in EMEA’s Public Sector: Lessons from 2020-2021
May 11, 2021
Azure webinar series: Technical Overview: Monitoring Windows Virtual Desktop
May 11, 2021

More people than ever have been conducting more of their lives online due to the COVID-19 pandemic. This creates a new landscape for fraudsters to create and release new attacks. Research commissioned by Forrester Consulting showed 84% of companies have seen an increase in bot attacks. 71% of organizations have seen an increase in the amount of successful attacks. 65% of businesses have experienced more frequent attacks and greater revenue loss due to bot attacks. With so many people visiting government websites to learn more about the COVID-19 vaccine, make vaccine appointments, or file for unemployment, these web pages have become prime targets for bot attacks and other abusive activities. But reCAPTCHA Enterprise has helped state governments protect COVID-19 vaccine registration portals and unemployment claims portals from abusive activities.

Assisting with unemployment claims during COVID-19

Alongside the wave of unemployment claims caused by COVID-19, many state government agencies, such as Wisconsin’s Workforce Development, have seen an increase in attempted malicious bot logins on their external websites. Many states have had malicious actors visit unemployment claims portals and enter stolen credentials to file fraudulent unemployment claims. Because many unemployment claims portals are mandated to pay a recipient within 2 weeks, the claims portal processes this fraudulent information and bad actors receive unemployment checks weeks before their false claims are recognized. By then, the fraudsters have their money and have repeated this process using other stolen credentials.

reCAPTCHA Enterprise helps state governments reduce false claims by preventing adversaries from automatically reusing credentials on unemployment claims portals. reCAPTCHA Enterprise’s scale and speed to determine fraudster behavior across the Internet helped some of the largest states in the United States, such as Texas.

Registering for the COVID-19 Vaccine and accessing state-sponsored resources

Several states, such as Pennsylvania, are challenged by web traffic that fluctuates based on the COVID-19 Vaccine Phase. For example, during Phase 1, there was a large increase in web traffic from both humans and bots because of the demand for the very few available vaccination slots. As more states move into Phase 2 and Phase 3, and the vaccine is more widely available, traffic is increasing because bad actors know more people are coming to these websites to register to be vaccinated.

reCAPTCHA Enterprise was implemented to stop bad actors from scripting bots to book vaccine appointments and then sell those appointment slots on another website for profit. These fake web pages are falsely promoted as websites where people can register for the vaccine. Vaccine appointments are not the only government system from which fraudsters try to profit. Transportation and social service departments also face frequent attacks, wherein fraudsters try to profit by booking and then selling appointments with those organizations.

Fending off these attacks was made easier thanks to reCAPTCHA Enterprise, a frictionless fraud detection service that leverages our experience from more than a decade of defending the internet and data for our network of more than 5 million sites. The reCAPTCHA Enterprise platform can understand fraudulent behavior, introduce friction to block bots from booking appointments, and allow legitimate users to access the vaccine portals and other state portals.

Because reCAPTCHA Enterprise does not require end users to complete captcha challenges, several state governments installed reCAPTCHA Enterprise across search, login, and registration web pages. State governments are also placing reCAPTCHA Enterprise on webpages where end users can access healthcare, receive assistance for housing or food, register motor vehicles, or propose legislation. With reCAPTCHA Enterprise on more pages, it becomes more difficult for malicious software or bots to carry out their attacks against different pages, but not for end users to browse, login into accounts, book appointments, or apply for resources. Because reCAPTCHA Enterprise requires no action from end users to stop fraud, state governments implemented reCAPTCHA Enterprise on all points of interaction on their webpages to ensure maximum security without impacting the user experience.

Providing security everywhere and pricing for all

Many state governments are familiar with buying cloud services in a pay-as-you-go model. reCAPTCHA Enterprise eased the purchasing process by providing state governments with predictable, scalable, and customizable pricing. State governments know up front how much they can expect to pay each month based on the number of assessments reCAPTCHA Enterprise performs. reCAPTCHA Enterprise’s flexible pricing model keeps pace with the natural fluctuations of visitors to vaccination registration and unemployment claims. reCAPTCHA Enterprise has a dedicated sales team that can tailor pricing to your specific use cases so both your webpages and budget are not compromised.

reCAPTCHA Enterprise has helped many state governments serve their constituents by making it easier to get vaccinated and collect unemployment. It helps constituents take advantage of public services and makes it more difficult for fraudsters to manipulate and interfere with them.

To start protecting your web pages from credential stuffing and other attacks, get started with reCAPTCHA Enterprise today.

Leave a Reply

Your email address will not be published. Required fields are marked *