JACKSONVILLE, Fla. – The FBI is warning that hackers may try to hijack your direct deposit by passing themselves off as your company’s human resources department.
Using a tactic known as "phishing," cyber criminals send emails in the hopes that recipients will volunteer valuable information, the agency said. In this case, they're targeting employee login credentials.
Once criminals have your login, they can use that to access your company's payroll information, according to the FBI. They can then use that information to get into your bank account without your knowledge.
The goal is to redirect your paychecks to accounts controlled by the hackers, which is most often a prepaid card. By the time you realize what's happened, it's too late.
Below are some tips to help you avoid becoming a victim:
- Teach your employees and co-workers about this scheme and discuss ways to prevent it.
- Hover your cursor over any hyperlinks included in emails so you can see the real URL.
- Discourage employees and co-workers from giving out their login credentials via email.
- Make sure your login for payroll is different from logins used for other reasons.
To view the full alert, click here.