Hackers target payroll vulnerabilities with phishing attempts

Phishing scams aimed at accessing employees’ direct deposit funds are emerging as a new danger this year, said Beazley P.L.C. in a report Tuesday.

Once hackers have access to an employee’s email, they request a password reset from the organization’s payroll provider and change the employee’s inbox forwarding instructions to send all emails from the payroll provider to the target’s junk mail, Beazley said in its April Beazley Breach Insights Report. The hackers then change the employee’s direct deposit bank account details to their own to steal funds.

Scammers may also access the employee’s W2 information and file a fraudulent tax return, said Beazley, in its analysis of the 641 incidents it managed during the first quarter. 

Most direct deposit phishing attempts occurred in the higher education sector, where hacks and malware caused 48% of data breaches during this year’s first quarter, which was comparable to the 50% of breaches they caused during 2016’s first quarter.

Other issues of concern include a continuing increase in ransomware; hospitals that are being hit by unintended disclosures, including misdirected faxes and emails or the improper release of discharge papers; and the continuing vulnerability of financial institutions to hacks and malware.

“Organizations continue to face increasingly sophisticated threats as hackers adapt and employ new methods to seize data and funds,” Katherine Keefe, Philadelphia-based global head of the breach response services unit, said in a statement.