New Email Phishing Scams – Payroll Diversion

Email Scam Report –
Payroll diversion schemes are on the rise
The FBI’s Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams are continuing to grow, with a 100% increase between May 2018 and July 2019.

Besides the run-of-the-mill scams where fraudsters redirect wire transfers to their own accounts instead of a business partner’s, IC3 has also recently started to see payroll diversion schemes, where payroll is diverted to a third-party scammer.

BEC reported loss

Defensive measures against BEC scams
IC3 provides the following guidelines for employees, covering both reactive measures and preventative strategies:

  • Use secondary channels or two-factor authentication to verify requests for changes in account information.
  • Ensure the URL in emails is associated with the business it claims to be from.
  • Be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Refrain from supplying login credentials or PII in response to any emails.
  • Monitor their personal financial accounts on a regular basis for irregularities, such as missing deposits.
  • Keep all software patches on and all systems updated.
  • Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s email address appears to match who it is coming from.
  • Ensure the settings on employees’ computers are enabled to allow full email extensions to be viewed.
  • In addition, to make sure that their employees will not fall victim to attacks, companies have to implement strict processes to check payment info changes. This includes face-to-face meetings and/or direct phone calls whenever changes to payment information are detected.
  • If you discover that you are the victim of a scam, you have to immediately get in touch with your financial institution “to request a recall of funds and your employer to report irregularities with payroll deposits.”

    The FBI also suggests that you “file a complaint regardless of the amount with www.ic3.gov or, for BEC/EAC victims, BEC.IC3.gov.”

    Thanks,

    Jonathan Sandmel
    jonathan@steadynetworks.com
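
The sender and link checks from the guidelines above (URL belongs to the business, misspelled domains, sender address matches), as an added example that is not part of the original post or IC3's guidance. The trusted domain, the sample message and the function names are constructed for illustration, and taking the last two labels as the registrable domain is a simplifying assumption.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the domains the business really uses (constructed, reserved TLD).
TRUSTED = {"payroll.example"}
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'lookalike' or 'unknown' for a host name."""
    host = (host or "").lower().rstrip(".")
    if any(host == t or host.endswith("." + t) for t in trusted):
        return "trusted"
    base = ".".join(host.split(".")[-2:])  # crude registrable domain, no suffix list
    for t in trusted:
        # Near-miss spelling, or the real name used as a prefix of another domain.
        if edit_distance(base, t) <= max_distance or host.startswith(t + "."):
            return "lookalike"
    return "unknown"

def review_message(from_header, html_body):
    """Return (kind, detail) findings for the sender address and each link."""
    findings = []
    sender_host = parseaddr(from_header)[1].rpartition("@")[2]
    if classify(sender_host) != "trusted":
        findings.append(("sender", sender_host))
    for href, text in LINK_RE.findall(html_body):
        host = urlparse(href).hostname or ""
        if classify(host) == "lookalike":
            findings.append(("lookalike-link", host))
        shown = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", text, re.I)
        if shown and shown.group(1).lower() != host:
            findings.append(("text-mismatch", f"{shown.group(1)} -> {host}"))
    return findings

# Constructed sample message, not taken from a real incident.
SAMPLE_FROM = '"Payroll Dept" <hr@payrol1.example>'
SAMPLE_BODY = ('<p><a href="https://payroll.example.login.test/update">'
               'https://payroll.example/update</a></p>')
```

Calling `review_message(SAMPLE_FROM, SAMPLE_BODY)` reports the misspelled sender domain, the link whose host only starts with the real name, and the visible URL that differs from the link target.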