(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Scam Alert! Hackers Are Hijacking Emails, and tricking HR to Switch Your Salary Bank Account! | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Devious hackers have come up with a fresh, insidious scam to target your hard-earned salary! By manipulating corporate HR and finance departments, they reroute your salary deposits to their own accounts. Read on to understand this devious ploy and how to guard against it.

Updated Jun 26, 2023 | 12:19 PM IST

Direct Deposit Change: Not After Your Job – Just Your Salary!


  • Hackers are manipulating HR and finance departments to reroute salary deposits into their own accounts.
  • They hijack email accounts and use them to request direct deposit changes, often going undetected until the employee realizes their salary hasn’t been deposited.
  • Companies and individuals can fight back with vigilant monitoring, process tightening, and multi-factor authentication.
Here’s a chilling new reason to look at your paycheck twice! Phishing scam artists have a brand-new trick up their sleeves. They’re not interested in your job, but they sure are interested in your salary! Their sneaky tactic? They just ask your HR to switch your salary account. Sound absurd? Read on.

The Devil is in the Details: Direct Deposit Change

How does this devilishly clever scheme work? It’s all about the direct deposit change . The hackers hijack legitimate email accounts and cunningly ask finance or HR to reroute your hard-earned salary into their own account. And, sadly, it’s too late when anyone finds out.

How They Pull Off the Heist: Stages of the Attack

The first stage of this cruel con begins even before you sense trouble. Hackers cleverly gain access to email accounts through various methods. They can exploit large data leaks from sites like Yahoo and LinkedIn or even personal information to request password changes.

Once the email is compromised, the real fun begins for the hacker. Masquerading as an unsuspecting employee, they email HR to change the bank for salary deposits. By the time the real employee realizes their salary hasn’t been deposited, the scammer is laughing all the way to the bank!

Guarding the Gates: Spotting the Warning Signs


Fear not! Your company’s I.T department can spot signs that an account has been compromised. Watch out for a surge in failed logins, deviations from user behavior patterns, and unusual configurations. A vigilant eye can thwart this cyber heist!

The Dark Web’s Latest Trend: Payroll Diversion Fraud

The internet has christened this scam ‘payroll diversion fraud.’ It’s a deceptively simple ruse that relies on a fake email requesting an update to direct deposit details. The innocent-sounding email tricks HR into sending the salary to an account owned by the scammers. Devious? Yes. Effective? Alarmingly so!

Turn the Tables: Protect Yourself and Your Paycheck

You can fight back! Companies can tighten their processes, require multiple approvals for paycheck changes, and keep an eagle eye on all email correspondence. Individuals must set up multi-factor authentication, scrutinize all emails, and be cautious about what they share online.

And if you’re unfortunate enough to fall for this scam, don’t despair! Report it to the cybercrime cell, your Human Resources Team, and your bank. It’s a bitter pill to swallow, but with swift action, you can bounce back.


Click Here For The Original Story From This Source.

National Cyber Security