New Cyber Scam To Obtain Employee Credentials To Conduct Payroll Diversion

By: Samantha Keller  |  Category: Blog, Security  |  Tuesday, September 25th, 2018

HR, watch out! Cybercriminals are using social engineering techniques to obtain employee credentials and conduct payroll diversion.

The FBI issued a public service announcement last week regarding new criminal campaigns that target the online payroll accounts of employees in a variety of industries.

What’s the Scam?

“Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cybercriminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information.

Rules are added by the cybercriminal to the employee’s account preventing the employee from receiving alerts regarding direct deposit changes. Direct deposits are then changed and redirected to an account controlled by the cybercriminal, which is often a prepaid card.”

Recommendations

The FBI suggests nine mitigations for scams like this:
1. Alert and educate your workforce about this scheme, including preventative strategies and appropriate reactive measures should a breach occur.

2. Instruct employees to hover their cursor over hyperlinks included in emails they receive to view the actual URL. Ensure the URL is actually related to or associated with the company it purports to be from.

3. Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any email.

4. Direct employees to forward suspicious requests for personal information to the information technology or human resources department.

5. Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.

6. Apply heightened scrutiny to bank information initiated by employees seeking to update or change direct deposit credentials.

7. Monitor employee logins that occur outside normal business hours.

8. Restrict access to the Internet on systems handling sensitive information or implement two-factor authentication for access to sensitive systems and information.

9. Only allow required processes to run on systems handling sensitive information.
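One way to put recommendations 6 and 7 into practice, and to catch the "suppress the alert, then redirect the deposit" sequence the FBI describes, is a small audit-log check like the one below. This is an added example, not code from the FBI announcement or from EnhancedTECH; the log format, field names, business hours and sample events are all assumptions constructed for illustration.

```python
from datetime import datetime, time, timedelta

# Constructed sample audit lines in a hypothetical key=value payroll-portal log format; field names are assumptions.
SAMPLE_LOG = """\
2018-09-18T02:14:07 user=jdoe event=login src=203.0.113.45
2018-09-18T02:15:31 user=jdoe event=notification_rule_add rule=suppress_direct_deposit_alerts
2018-09-18T02:17:02 user=jdoe event=direct_deposit_change
2018-09-18T10:05:00 user=asmith event=login src=198.51.100.7
2018-09-18T10:09:12 user=asmith event=direct_deposit_change
"""

BUSINESS_START, BUSINESS_END = time(7, 0), time(19, 0)   # assumed business hours
SUPPRESSION_WINDOW = timedelta(hours=24)                 # rule change -> deposit change

def parse_event(line):
    """Turn one log line into a dict with a datetime 'ts' plus its key=value fields."""
    ts, *fields = line.split()
    event = {"ts": datetime.fromisoformat(ts)}
    for field in fields:
        key, _, value = field.partition("=")
        event[key] = value
    return event

def is_after_hours(ts):
    """Recommendation 7: logins outside normal business hours deserve a look."""
    return not (BUSINESS_START <= ts.time() < BUSINESS_END)

def find_alerts(log_text):
    """Return (user, reason) tuples for activity matching the payroll diversion pattern."""
    alerts = []
    last_rule_add = {}            # user -> timestamp of the most recent notification rule change
    for line in log_text.splitlines():
        ev = parse_event(line)
        user, kind = ev["user"], ev["event"]
        if kind == "login" and is_after_hours(ev["ts"]):
            alerts.append((user, "after_hours_login"))
        elif kind == "notification_rule_add":
            last_rule_add[user] = ev["ts"]
        elif kind == "direct_deposit_change":
            # Recommendation 6: every direct deposit change gets heightened scrutiny;
            # one that follows a fresh alert-suppression rule matches the scheme exactly.
            alerts.append((user, "direct_deposit_change_review"))
            rule_ts = last_rule_add.get(user)
            if rule_ts is not None and ev["ts"] - rule_ts <= SUPPRESSION_WINDOW:
                alerts.append((user, "alert_suppression_before_deposit_change"))
    return alerts

if __name__ == "__main__":
    for user, reason in find_alerts(SAMPLE_LOG):
        print(f"{user}: {reason}")
```

In the sample, jdoe's 2 a.m. login, alert-suppression rule and deposit change trigger all three reasons, while asmith's daytime deposit change is flagged only for routine review.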

Victim Reporting

The FBI encourages victims to report information concerning suspicious or criminal activity to their local FBI field office, and file a complaint with the IC3 at www.ic3.gov. If your complaint pertains to this particular scheme, then please note payroll diversion in the body of the complaint.

If you need assistance with a cyber security solution, give EnhancedTECH a call at 714-970-9330 or contact us at sales@enhancedtech.com.

Source: FBI

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football. Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.