The attackers use previously acquired Personally Identifiable Information (PII) such as social security numbers, addresses, names, phone numbers, and banking account information to trick public officials into accepting the claims. The acquisition of the PII that enabled these attacks, and…