FBI Warning: Beware of Email Scam to Steal Your Direct Deposit Paycheck

fbi logo
The FBI wants you to know that scammers may be phishing with email to try and steal your direct deposit paycheck. Yuri Gripas/AFP/Getty Images

There’s an email scam underway in which criminals are trying to get your information to steal your paycheck, the FBI has warned. The FBI’s Internet Crime Complaint Center said cybercriminals are using “phishing emails” to try and get Americans to give them pertinent information used to take paychecks.

By pretending to be a human resources officials, criminals are sending emails that ask for verification of employee information, including asking you to verify paycheck direct deposit information, the FBI said. The criminals are providing a fake link taking you to a similar work portal website, according to the FBI, and if you log in with a username and password scammers can get your personal information, and perhaps take direct deposit of your paycheck.

“Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cybercriminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information,” the FBI said in an alert posted this week.

“Rules are added by the cybercriminal to the employee’s account preventing the employee from receiving alerts regarding direct deposit changes. Direct deposits are then changed and redirected to an account controlled by the cybercriminal, which is often a prepaid card.”

The FBI has reportedly seen an increase in payroll scams, with about 47 cases totally more than $1 million reported since July, according to the Detroit Free Press. “Atlanta Public Schools, for example, had to reissue 27 paychecks last year after cyber thieves engineered a payroll attack, according to a report in the Atlanta Journal-Constitution,” the Free Press reported. “Scammers stole about $56,000 in payroll.”

The FBI provides multiple tips companies can use to avoid the scam. These include:

  • Instruct employees to hover their cursor over hyperlinks included in emails they receive to view the actual URL. Ensure the URL is actually related to or associated with the company it purports to be from.
  • Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any email.
  • Direct employees to forward suspicious requests for personal information to the information technology or human resources department.
  • Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.

Join the Discussion

Editor's Pick