Businesses are being targeted by criminals with phishing emails with the goal of rerouting an employee’s paycheck via direct deposit.
These emails look legitimate. They try to convince the human resources personnel to change their direct deposit information to a different bank account. Once the funds are routed to the criminal’s account, the company is on the hook for replacing stolen funds and having the employee face the inconvenience of a late paycheck.
Instead of having many existing controls for malicious communications, the emails are normally well written and lack the common misspellings, grammar mistakes and exclamation points that trigger popular email filters that search for spam or phishing attempts. Often the message is simple, “Hey, do you have a second?” Once the email is responded to, the scammer goes from there in trying to change direct deposit information.
These wire fraud scams have been on the rise and have devastated businesses in recent years. This version; however, is the most recent scam attempted by criminals.
The latest scam is more convincing because it’s more under the radar. It bypasses some email controls and many warnings put in place by companies to their employees. How? They are asking to change a bank number, not for money.
Commonly, the fraudster will impersonate the company’s higher-value employees. The emails are brief, polite and lightly urgent. To discourage the human resources individual from calling, they will mention “I am going into a meeting right now.”
Train employees on the simple truth: the CEO is not going to email an employee out of the blue to change their direct deposit. If you ever have any doubt, call the person who is making the request. Another practice is to ask executives to avoid using their personal emails when sending messages to staff. Learn more about this type of scam by watching this video.
Your security is important to us. We also aim to keep you informed on how to stay up to date in the latest information in the industry. View the latest edition of Payments Insider newsletter for more information, including important rule updates regarding ACH origination.
Cindy is a Senior Vice President /Information Technology and Operations Director for Heartland Bank. She graduated with a Bachelor of Science in Computer Science from the University of Nebraska-Lincoln. Outside of the bank, Cindy enjoys spending time with her family and going to garage sales and flea markets.
Due to recently increased security requirements, we at Heartland Bank are no longer able to support version 10 or older of Internet Explorer. We are sorry for this inconvenience, and encourage you to upgrade to more secure options such as Internet Explorer 11, Google Chrome, or Mozilla Firefox.