NJ warns employees and businesses that use direct deposit
Do you get your paycheck deposited electronically into your checking or savings account?
New Jersey cybersecurity officials are warning Garden State workers and companies about a new direct deposit scam.
According to Krista Valenzuela, a cyber threat intelligence analyst with the New Jersey Cybersecurity and Communications Integration Cell, threat actors are impersonating employees who work within a business or organization.
She said they’re emailing the payroll or HR department stating they need to update their direct deposit information.
They’re not who they say they are
“These fraudulent actors of course are not legitimate employees, and if that direct deposit information is changed that employee’s payroll check will go to those threat actors,” she said.
“They are switching account information and are essentially stealing that individual’s payroll check.”
How can they do that?
She said scammers can get an employee’s information in a number of different ways.
“It could be directly from that business or organization’s website, or could be from a place like Linkedin, they can find this information pretty simply,” said Valenzuela.
Where does the money go?
She said “usually they do set up legitimate bank accounts to have these payroll checks diverted to, and then once they receive those funds they close out those accounts.”
She noted typically this is a “one and done” type of scam because the real employee will quickly ask their company why they haven’t been paid.
“And in those cases that business or organization will be out of two payroll checks, because they do have to give their employee their payroll, of course.”
She said businesses can prevent this from happening by “making sure to call an employee on the number you have on record for them to verify any requested changes to their direct deposit.”
Valenzuela said Jersey businesses need to be aware this is happening and “the way to help combat this type of scam is really just to change procedures and make sure that you’re verifying any request for changes.”