The Federal Bureau of Investigation has issued an alert following complaints of cybercriminals targeting the online payroll accounts of some employees.
The FBI says those in education, healthcare and commercial airway transportation are most affected.
According to a release, some employees are being targeted through phishing emails designed to capture an employee's login credentials. Once those credentials are obtained, they are used to access the employee's payroll account in order to change the bank account information. The FBI says the cybercriminal adds rules to the employee's account preventing the employee from receiving alerts regarding direct deposit changes. The deposits are then changed and redirected to an account controlled by the cybercriminal which, the FBI says, is often a prepaid card.
The FBI says employees should hover their cursor over hyperlinks included in emails they receive to view the actual URL, and ensure the URL is actually related to or associated with the company it purports to be from. Employees are asked to refrain from supplying log-in credentials or personally identifying information in response to any email.
The FBI encourages victims to report information concerning suspicious or criminal activity to their local FBI field office, and file a complaint with the FBI's Internet Crime Complaint Center or IC3 at www.ic3.gov.