FBI: Hackers may be trying to reroute your direct deposit checks

Posted at 6:00 PM, Sep 24, 2018
and last updated 2018-09-24 18:00:00-04

(WTXL) - The FBI warns hackers are targeting direct deposit paychecks in a recent scheme circulating a variety of industries. 

According to an alert from the FBI last week, they've received complains about cybercriminals are using phishing emails to capture employee's login credentials. Once they have access, the hackers change your bank account information and redirect the funds to an account they control, which is often a prepaid card.

Even worse, officials say the hackers usually find was to keep the employee from receiving alerts about the direct deposit changes, so it's possible you wouldn't even know your paycheck had been rerouted.

To keep your paycheck from getting rerouted, the FBI encourages you to forward any suspicious requests for personal information to the information technology or human resources department at your company.

Additional recommendations from the FBI are below:

  • Alert and educate your workforce about this scheme, including preventative strategies and appropriate reactive measures should a breach occur.
  • Instruct employees to hover their cursor over hyperlinks included in emails they receive to view the actual URL. Ensure the URL is actually related to or associated with the company it purports to be from.
  • Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any email.
  • Direct employees to forward suspicious requests for personal information to the information technology or human resources department.
  • Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.
  • Apply heightened scrutiny to bank information initiated by employees seeking to update or change direct deposit credentials.
  • Monitor employee logins that occur outside normal business hours.
  • Restrict access to the Internet on systems handling sensitive information or implement two-factor authentication for access to sensitive systems and information.
  • Only allow required processes to run on systems handling sensitive information.

The FBI encourages victims to report information concerning suspicious or criminal activity to their local FBI field office, and file a complaint with the IC3 at If your complaint pertains to this particular scheme, then please note payroll diversion in the body of the complaint.