The IC3 has received complaints reporting cybercriminals are targeting the online payroll accounts of employees in a variety of industries. Institutions most affected are education, healthcare, and commercial airway transportation.
Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cybercriminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information. Rules are added by the cybercriminal to the employee’s account preventing the employee from receiving alerts regarding direct deposit changes. Direct deposits are then changed and redirected to an account controlled by the cybercriminal, which is often a prepaid card.
To mitigate the threat of payroll diversion:
The FBI encourages victims to report information concerning suspicious or criminal activity to their local FBI field office, and file a complaint with the IC3 at www.ic3.gov. If your complaint pertains to this particular scheme, then please note payroll diversion in the body of the complaint.
New Jersey Motor Truck Association | 160 Tices Lane, East Brunswick, NJ 08816 | 732-254-5000