Cybercriminals are trying to scam businesses into depositing employee paychecks into their bank accounts. Learn about the variations of the scam and what you can do so that your business does not become the next victim.
Most companies use direct deposit to pay their employees. In the United States, for example, more than 80% of workers have their paychecks deposited directly into their personal bank accounts. This is providing many opportunities for cybercriminals to perpetuate their latest scam — trying to get businesses to deposit employee paychecks into their accounts.
Variations of the Scam
Different variations of the direct deposit scam have been surfacing. Most recently, cybercriminals have been posing as employees.
In some instances, the digital con artists use a multi-stage attack. First, they send an email to a member of a company’s HR department asking how to change the direct deposit information for their paychecks. After the HR staff member responds and explains how to make the change, the cybercriminals wait a short while and send a second email. In it, they tell the HR staff member that they tried to make the change as instructed, but it did not work. They then ask the person to make the change for them and include the new bank routing number and account number in the email.
In other instances, the cybercriminals take a more direct approach by sending a message such as:
“I need to change my direct deposit info on file before the next payroll is processed. Can you get it done for me on your end?”
If the HR rep takes the bait and agrees to make the change, the cybercriminals provide the person with the new bank routing and account numbers.
In earlier versions of the scam, the cybercriminals posed as HR staff members rather than employees. The cybercriminals sent emails to employees, instructing them to click a link. The link took the employees to a spoofed (i.e., fake) HR website, where they were asked to enter their login credentials to confirm their identity. The hackers then captured the credentials and used them to access the real HR site and change the employees’ direct deposit information.
The Same Tool
In all the versions of the direct deposit scam, the cybercriminals used the same tool to execute their attacks: spear phishing emails. These emails are similar to traditional phishing emails in that they use a convincing pretense to con recipients into performing an action. However, spear phishing emails take the scam up a notch. Cybercriminals take the time to perform reconnaissance so that they can personalize the email. When it comes to spear phishing, the more personalized the email, the less likely the target will become suspicious and question its legitimacy.
Despite being personalized, spear phishing emails often have one or more of the following common elements:
Don’t Let Your Employees Get Scammed
Some spear phishing email recipients fell victim to the direct deposit scam, but your employees do not have to share the same fate. Educating employees about spear phishing emails and the elements commonly found in them can help staff members spot these types of scams. Employees should also learn how to check for deceptive URLs and spoofed names in an email’s “From” field.
There are other measures you can take as well. You should make sure that employees’ names, email addresses, and job positions are not publicly available. Similarly, you should warn employees of the dangers of posting details about their jobs on social media sites. Limiting the amount of publicly available information will make it harder for cybercriminals to find the details they need to personalize the emails.
It is also important to keep the company’s security and email filtering programs up-to-date. These programs can catch many spear-phishing emails but not all. The more personalized and polished an email is, the less likely it will be caught by these programs.
Computer Medic On Call is committed to bringing you the highest quality computer service available for all of your information and systems needs. Serving in Broward and West Palm Beach in Florida State for IT Support. Our experience provides us with the skills to offer a range of high quality computer services.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
|cookielawinfo-checbox-analytics||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".|
|cookielawinfo-checbox-functional||11 months||The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".|
|cookielawinfo-checbox-others||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.|
|cookielawinfo-checkbox-necessary||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".|
|cookielawinfo-checkbox-performance||11 months||This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".|
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.