
Cybercrime Uses Social Engineering Techniques to Steal Employee Credentials and Commit Payroll Diversion


By Rickard Jorgensen, FCII, ARM, ACIArb

Recent developments clearly show the urgent need for security awareness training. On September 18, 2018, the FBI warned about new criminal campaigns that target the online payroll accounts of employees in a variety of industries.

METHODOLOGIES

“Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cybercriminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information.

Rules are added by the cybercriminal to the employee’s account preventing the employee from receiving alerts regarding direct deposit changes. Direct deposits are then changed and redirected to an account controlled by the cybercriminal, which is often a prepaid card.”

RECOMMENDATIONS

The FBI suggests 9 mitigations for scams like this:

  1. Alert and educate your workforce about this scheme, including preventative strategies and appropriate reactive measures should a breach occur.
  2. Instruct employees to hover their cursor over hyperlinks included in emails they receive to view the actual URL. Ensure the URL is actually related to or associated with the company it purports to be from.
  3. Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any email.
  4. Direct employees to forward suspicious requests for personal information to the information technology or human resources department.
  5. Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.
  6. Apply heightened scrutiny to bank information initiated by employees seeking to update or change direct deposit credentials.
  7. Monitor employee logins that occur outside normal business hours.
  8. Restrict access to the Internet on systems handling sensitive information or implement two-factor authentication for access to sensitive systems and information.
  9. Only allow required processes to run on systems handling sensitive information.
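As an added example (not part of the original post or the FBI alert), the following Python script applies recommendations 6 and 7 to a constructed payroll-portal audit log: it flags direct-deposit changes made outside business hours, and changes made shortly after a notification-suppressing rule was added to the same account, which is the sequence described above. The event names, log format and business-hour window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample audit events from a hypothetical payroll portal (not real data).
EVENTS = [
    {"ts": "2018-09-20 02:14:00", "user": "jdoe", "action": "login"},
    {"ts": "2018-09-20 02:16:00", "user": "jdoe", "action": "alert_rule_added"},
    {"ts": "2018-09-20 02:18:00", "user": "jdoe", "action": "direct_deposit_changed"},
    {"ts": "2018-09-20 10:05:00", "user": "asmith", "action": "login"},
    {"ts": "2018-09-20 10:07:00", "user": "asmith", "action": "direct_deposit_changed"},
    {"ts": "2018-09-20 11:00:00", "user": "bchen", "action": "alert_rule_added"},
    {"ts": "2018-09-20 11:05:00", "user": "bchen", "action": "direct_deposit_changed"},
]

BUSINESS_HOURS = (8, 18)                 # assumed local business day, 08:00-18:00
SUPPRESSION_WINDOW = timedelta(hours=24)  # how long a suppression rule stays "recent"

def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def is_off_hours(dt):
    """Weekend, or outside the assumed business-hour range (recommendation 7)."""
    return dt.weekday() >= 5 or not (BUSINESS_HOURS[0] <= dt.hour < BUSINESS_HOURS[1])

def find_suspicious_deposit_changes(events, window=SUPPRESSION_WINDOW):
    """Return one {"user", "ts", "reasons"} dict per direct-deposit change that
    happened off-hours and/or within `window` after the same account had an
    alert-suppressing rule added (recommendation 6)."""
    last_rule_added = {}   # user -> time the most recent suppression rule was added
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):   # fixed-width timestamps sort as text
        when = parse_ts(ev["ts"])
        if ev["action"] == "alert_rule_added":
            last_rule_added[ev["user"]] = when
            continue
        if ev["action"] != "direct_deposit_changed":
            continue
        reasons = []
        if is_off_hours(when):
            reasons.append("off-hours change")
        rule_time = last_rule_added.get(ev["user"])
        if rule_time is not None and when - rule_time <= window:
            minutes = int((when - rule_time).total_seconds() // 60)
            reasons.append("alert rule added %d min earlier" % minutes)
        if reasons:
            findings.append({"user": ev["user"], "ts": ev["ts"], "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in find_suspicious_deposit_changes(EVENTS):
        print(f["ts"], f["user"], "; ".join(f["reasons"]))
```

In the constructed log, jdoe's change is flagged on both grounds, asmith's daytime change with no prior rule is not flagged, and bchen's daytime change is flagged only because of the preceding rule; both findings should be held for manual verification with the employee before the new account takes effect.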

See the IC3 site for more information.

———————————————————————————————————————

Jorgensen & Company are not attorneys and do not offer any form of legal advice. Consult with appropriately qualified local counsel for more assistance. Rickard Jorgensen is President and Chief Underwriting Officer for the CPAGold™ program and may be contacted at (201) 345 2440 or rjorgensen@jorgensenandcompany.com.
