CNBC: A New Scam Targets Your Direct Deposit Info

by

via CNBC:

  • Fraudsters are targeting the HR functions of businesses of all types and convincing employees to swap out your direct deposit banking information to an offshore account.
  • One nonprofit in Kansas City describes several attempts per month, involving scammers trying to convince payroll personnel to change information about where to send employee pay.
  • The IRS has warned of an uptick in a wide range of fraud attempts involving payroll information.

Around two or three times per month, KVC Health Systems, a midsize nonprofit agency for child welfare based in Kansas City, receives phishing emails from criminals with the goal of rerouting an employee’s paycheck by direct deposit.

The emails look legitimate at first, as though they come from the CEO, CFO or payroll director.

The scammer is trying to convince human resources personnel to change the bank account and routing information the employee uses to have paychecks direct-deposited. Once routed to the criminal’s account, the company is on the hook for replacing the stolen funds and the employee faces the inconvenience of a late paycheck.

We are primarily funded by readers. Please subscribe and donate to support us!

It’s a new version of wire fraud scams that have devastated businesses in recent years, and a more focused version of a series of payroll fraud crimes that the IRS warned late last year were on the rise. The fraud is growing, experts said, because it easily bypasses many existing technical controls, and the small sums stolen are inoffensive enough that they can be folded into the cost of doing business.

The fake emails defy many existing controls for malicious communications, said Erik Nyberg, director of information technology at KVC. They are usually well written, cordial and lack the misspellings, grammar mistakes and exclamation points that would trigger many popular email filters that search for spam or phishing attempts.

“They might just say, ’I need to update my direct deposit information,” said Nyberg. “Or they start with, ‘Hey, do you have a second?’ and if that target person responds, then they go from there.” KVC has had a few near misses, Nyberg said, but has not transferred any paychecks to scammers.

KVC spoofed email 2
This email was received by personnel at KVC Health Systems — it’s another attempt to convince employees to change direct deposit information.
Views:

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.