Payroll & Employee Email Scam

We recently became aware of a new wave of email scams that are extremely dangerous and more invasive than ever.

Our clients began reporting these extremely dangerous scam emails a few weeks ago and even more since as well as other companies across the country. Check out this story of the breach at a California rehabilitation and nursing home health-care provider Magnolia Health Corporation (MHC) to get a full sense of the threat.

The Targets:

Unsuspecting Employees get an email that appears to come from someone in their organization or one of their clients. They spoof or fake the "from" email address so it looks legitimate.

The Scam:

The email asks them to send payroll information, bank accounts, social security numbers, or other private personal information. Sometimes they use the excuse that the information is needed for "tax" purposes. Given the tax season is upon us, the employee feels compelled to comply. These emails have also been known to appear to be from the CEO or other persons of authority and ask for money to be wired to them or demanding detailed account information. Another version of the scam asks employees to click on a link that looks like their payroll system login. When they enter their login and password, the hacker uses the information to change their bank account information. This enables the criminal to steal their paycheck!

The IRS is also often being spoofed and emails have been received which ask for specific tax data that appear to come from the IRS. The IRS is clear in that they do not ask for sensitive data by email, so any email from them or any other "agency" should be carefully vetted for authenticity.

The Risks:

The scam is intended to grab your financial data, personal information, or steal cash from you or your company:

  • Employees may be giving up their own or their coworker’s Personally Identifiable Information (PII), resulting in a number of possibly dangerous outcomes including financial breaches and identity theft. PII is also protected by law in some jurisdictions.
  • In the case of a scammer requesting a direct money wire, this could open up a company to a serious financial loss.
  • Identity theft is unfortunately easy to do with the right information. This scam is designed to open you and your company up to the information needed to steal an identity.

What Can You Do?

This scam looks real. Who wouldn’t respond to the company CEO?

The most important thing you can do is inform your company of the potential scam. Anything that looks suspicious... probably is. Forward this email to every employee. Let them know that no one in the company should ask for Personal Identifiable Information, banking information or logins and passwords to an account via email. And...

  • Hire a company like LINKS to assist your IT Department in guarding against scams and protecting your data.
  • Encourage staff to always double check who they are "replying to" in any email as well.
  • Lastly, be careful when clicking on a link in an email or downloading an attachment.

Links Technology's team of experts is always looking out for our customers. If you want to learn more about how we can help your company or organization stay safe from internet dangers. Give us a call at (847) 252-7600 today!