The website provided appears very similar to
the legitimate site in an effort to steal the employee’s
credentials. Once the employee enters his/her login information, the
scammer takes that information and signs into the employee’s
official human resources account to change the employee’s direct
deposit information. This redirects the employee’s paycheck to the
bank account of another individual involved in the scam.
Consequences of this scam:
-
The employee’s paycheck can be stolen.
-
The money may not be returned in full to
the employee.
-
The scammers can take the employee’s log-in
credentials and attempt to log into other accounts that belong
to the employee.
Tips on how to protect yourself from this scam:
-
Look for poor use of the English language
in e-mails such as incorrect grammar, capitalization, and
tenses. Many of the scammers who send these messages are not
native English speakers.
-
Roll your cursor over the links received
via e-mail and look for inconsistencies. If it is not the
website the e-mail claims to be directing you to, then the link
is to a fraudulent site.
-
Never provide credentials of any sort via
e-mail. This includes after clicking on links sent via e-mail.
Always go to an official website rather than from a link sent to
you via e-mail.
[to top of second column] |
If you have been a victim of this scam, you may
file a complaint with the FBI’s Internet Crime Complaint Center at
www.IC3.gov. Please reference Public Service Announcement (PSA)
number I-011315b-PSA in your complaint.
The IC3 produced a PSA in May 2014 titled
“Cyber-related Scams Targeting Universities, Employees, and
Students,” which mentioned this scam. The PSA can be viewed at
http://www.ic3.gov/media/2014/140505.aspx.
[Taken from the FBI website]
|