BEC Campaign Attempts to Change Direct Deposit Information

The NJCCIC has received numerous incident reports from educational organizations around the State impacted by various business email compromise (BEC) campaigns involving direct deposit scams. Unlike phishing scams, BEC campaigns are a highly targeted form of social engineering. Threat actors commonly spoof the source name or email address of a familiar contact, use email domains that mimic a trusted source, or compromise a legitimate business account. The body of these messages often instructs the recipient to transfer funds or other sensitive information to the threat actor, or to update paycheck direct deposit information to the threat actor’s account. The threat actor purports to be away from their desk and sends the message via a mobile device, conveying a sense of urgency with poor spelling and grammatical errors. The NJCCIC highly recommends users refrain from forwarding or responding to these messages, and instead verify the source and instructions of any monetary transaction or request for sensitive data received via email through a separate means of communication. We advise users to view our publication Don’t Be Fooled: Ways to Prevent BEC Victimization for additional tips and information about BEC campaigns.