Warning for Employees and Businesses that use Direct Deposit

The latest phishing scam involves direct deposit, with emails specially crafted for the targeted organization. Scammers impersonate an employee, often by establishing an email address using the employee’s name and utilizing display name spoofing in the messages.

The malicious emails are typically sent to payroll or human resources departments and request direct deposit change forms. In some cases, the threat actors located an organization’s direct deposit change form online and included a filled-out form in the email. The campaign intends to divert an employee’s payroll check to an account under the threat actor’s control.
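As an added illustration (not part of the original advisory), the Python sketch below shows how a payroll mailbox filter could flag the pattern described above: a sender whose display name or address is built from an employee's name but does not match the address on file, combined with a direct deposit request. The directory, names, addresses and flag names are constructed assumptions.

```python
import email
import re
from email import policy

# Constructed directory: employee name -> address on file (assumption, not from the advisory).
DIRECTORY = {"jordan rivera": "jordan.rivera@example.com"}
PAYROLL_TERMS = re.compile(r"direct\s+deposit|payroll|routing\s+number", re.I)

def normalize(name):
    """Casefold, reorder 'Last, First', and strip punctuation and extra spaces."""
    if "," in name:
        last, first = name.split(",", 1)
        name = f"{first} {last}"
    return " ".join(re.sub(r"[^\w\s]", " ", name.casefold()).split())

def review(raw_message):
    """Return flags that call for verifying the request with the employee directly."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender = msg["From"]
    if sender is None or not sender.addresses:
        return ["unparseable_sender"]
    display = normalize(sender.addresses[0].display_name or "")
    addr = sender.addresses[0].addr_spec.lower()
    local = addr.partition("@")[0]
    flags = []
    for name, on_file in DIRECTORY.items():
        if addr == on_file:
            continue  # genuine address on file for this employee
        if display == name:
            flags.append("display_name_spoof")
        if all(part in local for part in name.split()):
            flags.append("address_built_from_employee_name")
    body = msg.get_body(preferencelist=("plain",))
    text = f"{msg['Subject'] or ''} {body.get_content() if body else ''}"
    if PAYROLL_TERMS.search(text):
        flags.append("payroll_change_request")
    return flags

# Constructed sample messages (not real traffic).
SPOOFED = ('From: "Rivera, Jordan" <jordan.rivera.hr@mailbox.example.net>\n'
           "To: payroll@example.com\nSubject: Direct deposit change\n\n"
           "Please update my direct deposit. The completed form is attached.\n")
GENUINE = SPOOFED.replace("jordan.rivera.hr@mailbox.example.net", "jordan.rivera@example.com")

if __name__ == "__main__":
    print(review(SPOOFED))
    print(review(GENUINE))
```

A payroll change request from the genuine address still returns the `payroll_change_request` flag, since a matching address alone does not confirm who sent the message.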

What You Should Do
We recommend implementing procedures to protect against these types of scams:

Have additional questions regarding this update?  Contact a member of the BMT team.