Authorities found a wire that targets customer's data and money accounts to divert into the criminal's other data / Photo by: wk1003mike via Shutterstock
Criminals are sending out phishing emails in a new wire fraud scheme that aims to reroute employees' paychecks paid via direct deposit. The email messages all look legitimate at first glance and appear to come from company officials.
"They might just say, ‘I need to update my direct deposit information,’" Erik Nyberg, director of information technology at KVC Health Systems, told CNBC. "Or they start with, ‘Hey, do you have a second?’ and if that target person responds, then they go from there."
CNBC reported Nyberg as saying that the fake emails get past a number of existing controls for malicious communications. The business news site said such emails are typically well written and lack the misspellings, grammatical errors, and exclamation points that would alert most popular email filters that look out for spam or phishing attempts.
The scammer's goal is to convince human resources personnel to change the bank account and routing information an employee uses to have paychecks deposited directly. Once the rerouting is complete, the company is liable for replacing the stolen funds, and the targeted employee faces the hassle of a late paycheck.
This scam is a new version of the wire fraud schemes that have hit businesses in recent years. It is also a more concentrated version of a series of payroll fraud crimes that the Internal Revenue Service warned late last year were on the rise.
Experts said the fraud is growing because it can easily bypass most existing technical controls and because the small amounts stolen are inoffensive enough to be considered a cost of doing business.
Fighting the threat, Nyberg said, would mean training people to focus on a simple truth: the company's CEO will not send an email out of the blue asking employees for changes to a deposit. "And if you have any sliver of a doubt, call the person who is making the request."
KVC also asked its executives to refrain from using personal email accounts when sending messages to staff. The company also needs to enhance its email filters to detect the common hallmarks of requests seen in the scam.
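A filter of the kind described above could look like the following sketch, which is an added example and not KVC's or CNBC's code. The domain, the roster of officials, the sample messages and the triage labels are assumptions made for illustration; the matched wording follows the two requests quoted in the article.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumed for this sketch, not from the article: the corporate mail domain
# and the officials whose names a sender might borrow.
CORPORATE_DOMAIN = "example.org"
OFFICIALS = {"dana reyes", "sam okafor"}

# Wording modelled on the two requests quoted in the article.
PAYROLL_CHANGE = re.compile(
    r"\b(update|change)\b.{0,40}\b(direct deposit|bank account|routing)\b",
    re.I | re.S)
OPENER = re.compile(r"\bdo you have a (second|minute|moment)\b", re.I)

def hallmarks(raw: str) -> list[str]:
    """Return the scam hallmarks present in one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    found = []
    # An official's display name on an address outside the company domain.
    if domain != CORPORATE_DOMAIN and " ".join(display.lower().split()) in OFFICIALS:
        found.append("official-name-external-address")
    if PAYROLL_CHANGE.search(text):
        found.append("payroll-change-request")
    # A short conversational opener meant to draw a reply.
    if OPENER.search(text) and len(body.split()) < 25:
        found.append("pretext-opener")
    return found

def triage(raw: str) -> str:
    """hold: quarantine; verify: call the requester first; deliver: pass."""
    found = hallmarks(raw)
    if "official-name-external-address" in found and len(found) > 1:
        return "hold"
    if "payroll-change-request" in found:
        return "verify"
    return "deliver"

# Constructed sample messages (not real mail).
SPOOFED = ('From: "Dana Reyes" <dana.reyes.ceo@freemail.example>\n'
           "To: hr@example.org\nSubject: Quick request\n\n"
           "Hey, do you have a second? I need to update my direct deposit "
           "information before the next pay run.\n")
INTERNAL = ('From: "Lee Park" <lee.park@example.org>\n'
            "To: hr@example.org\nSubject: Payroll\n\n"
            "I need to change the bank account for my paycheck.\n")
```

The "verify" outcome maps to Nyberg's advice to call the person making the request, so a payroll change arriving by email is confirmed by phone even when it comes from an internal address.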