Business email compromise (BEC) scams are on the rise, and a newer variant is showing its true colors: fraudsters impersonate an employee and trick the human resources department into changing that employee's direct deposit details, so that paychecks are diverted into an account the attacker owns or controls.
The more familiar BEC scam tricks an employee into wiring money to an unauthorized account. This variant goes one step further and steals employees' paychecks themselves.
TriVault has seen a massive increase in BEC attempts aimed at diverting monthly and bi-weekly wages. While filtering out dangerous emails, we have encountered hundreds of such attempts concentrated against only a few specifically targeted organizations. Last year the FBI issued a warning about similar fraud, based on complaints that cybercriminals were targeting online payroll accounts.
To counter this, companies should require two-factor authentication on online payroll and HR systems, and should never change payroll information without first confirming the request through direct human contact with the employee, using contact details already on file rather than those supplied in the request. A common-sense measure is to verify that the email address or phone number the request came from actually belongs to that employee. Requiring that such requests come from an internal email account or an internal phone line significantly reduces the risk, unless those accounts are themselves compromised, which is why the human confirmation step should not be skipped even for requests that look internal.
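The "is this request really coming from an internal mailbox?" check described above can be automated at the mail gateway or in the HR ticketing intake so that no change is actioned until the flags are cleared. The following Python is an added example written for this post, not TriVault's filtering code. The internal domain example.com, the employee names, the keyword list and the two sample messages are all constructed for illustration. It flags a direct-deposit change request whose sender is outside the internal domain, whose domain is a near-lookalike of it, whose display name matches an employee while the address is external, or whose Reply-To goes somewhere other than the From domain.

```python
"""Automated header checks for direct-deposit / payroll change requests.

Added example (not from the original post): flags the conditions the text
says to verify by hand so HR intake can enforce them before acting.
All domains, names and sample messages below are constructed for illustration.
"""
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"                 # assumption: the organisation's own mail domain
EMPLOYEE_NAMES = {"dana reyes", "sam ortiz"}    # assumption: display names from the HR directory
PAYROLL_KEYWORDS = ("direct deposit", "bank account", "routing number", "payroll", "paycheck")


def _domain(addr: str) -> str:
    """Lower-cased part after the last '@' (empty string if there is none)."""
    return addr.rpartition("@")[2].strip().lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value against INTERNAL_DOMAIN means a lookalike domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _body_text(msg: Message) -> str:
    """Plain-text body, joining text/plain parts when the message is multipart."""
    if not msg.is_multipart():
        return msg.get_payload()
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            parts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return " ".join(parts)


def is_payroll_change_request(msg: Message) -> bool:
    """True if subject or body mentions pay or bank details; only those messages get the strict checks."""
    text = (msg.get("Subject", "") + " " + _body_text(msg)).lower()
    return any(k in text for k in PAYROLL_KEYWORDS)


def check_request(raw: str) -> list[str]:
    """Return the reasons this payroll-change email must not be actioned without verification."""
    msg = message_from_string(raw)
    findings: list[str] = []
    if not is_payroll_change_request(msg):
        return findings                      # unrelated mail: nothing to flag here

    name, from_addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(from_addr)
    if from_dom != INTERNAL_DOMAIN:
        findings.append(f"sender domain {from_dom!r} is not the internal domain {INTERNAL_DOMAIN!r}")
        if 0 < edit_distance(from_dom, INTERNAL_DOMAIN) <= 2:
            findings.append(f"sender domain {from_dom!r} is a near-lookalike of {INTERNAL_DOMAIN!r}")
        if name.strip().lower() in EMPLOYEE_NAMES:
            findings.append(f"display name {name!r} matches an employee but the address is external")

    reply_to = msg.get("Reply-To")
    if reply_to:
        _, rt_addr = parseaddr(reply_to)
        if _domain(rt_addr) != from_dom:
            findings.append(f"Reply-To domain {_domain(rt_addr)!r} differs from sender domain {from_dom!r}")
    return findings


# Constructed sample messages (not real traffic).
SCAM_REQUEST = """\
From: Dana Reyes <dana.reyes@examp1e.com>
Reply-To: dana.reyes.home@mail.example.net
To: hr@example.com
Subject: Direct deposit update

Hi, I switched banks. Please update my direct deposit before Friday's payroll;
new bank account details are below. I'm travelling, so email is the best way to reach me.
"""

LEGIT_REQUEST = """\
From: Sam Ortiz <sam.ortiz@example.com>
To: hr@example.com
Subject: Direct deposit change

Could you change my direct deposit? I'll stop by HR with my ID to confirm.
"""

if __name__ == "__main__":
    for label, raw in (("scam", SCAM_REQUEST), ("legit", LEGIT_REQUEST)):
        print(label, check_request(raw) or ["no header findings; still confirm by phone or in person"])
```

An empty finding list only means the headers pass the automated check. The human confirmation the text calls for still applies, because an internal account that has itself been compromised will pass every check above.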
Scams of this nature, BEC in particular, are very costly to the organizations that fall for them. An FBI public service announcement from last summer reported that between October 2013 and May 2018, the estimated worldwide losses from this type of fraud exceeded $12 billion.