FBI Releases Public Service Announcement on Payroll Diversion Threat
On September 18, 2018, the FBI released a Public Service Announcement (PSA) on the use of social engineering by cybercriminals in order to conduct payroll diversion. The cybercriminals send phishing emails designed to collect credentials for access to employee payroll accounts. The criminals then change the payroll account’s direct deposit to an account controlled by the threat actor. To evade detection, the criminals change account settings to prevent targeted individuals from receiving alerts regarding the account changes. This tactic is used to target individuals across all sectors; however, education, healthcare, and commercial airway transportation have been the most affected. The NJCCIC recommends reviewing the FBI PSA and employing the recommendations provided to defend against this threat.