The US Department of Homeland Security announced that citizens should stay alert when it comes to cyber scams that point towards credential theft. They’re happening in at least 11 states, and may be the result of past data breaches, like those involving Equifax and TRW.

In Kansas, one individual received a letter in the mail, with official-looking markings, confirming receipt of an unemployment benefits application. However, the individual had not submitted such an application. Someone else had attempted to receive benefits using her name and credentials.

“Who knows what else they could do with it [her personal information]. Who else they could sell that information to. You can’t change your birthday. You can’t change your social security number,” says the victim.

According to security expert Nick Hampson, cyber criminals“…can purchase credentials…[for] two dollars a shot.” As more credentials make their way onto the dark web, these types of impersonation attempts may grow increasingly common.

States are implementing thorough application review processes in the attempt to circumvent scammers.

Hampson notes that impersonators may be from out of the country, making their cyber footprints tricky to track.

Get more on this story from ABC news.