Carnegie Mellon University
December 04, 2014

Scam Alert: Higher Ed is Target of Direct Deposit Thieves

Many schools have experienced email scams that use harvested credentials to alter direct deposit information. These scams typically involve fake emails that impersonate Human Resources or other university offices and mention salary increases, email storage limits, or connections from unexpected IP addresses. The emails include malicious links that, when clicked, lead to login pages carefully crafted to look the same as the university’s login pages. Once someone provides their login ID and password, the attacker uses them to access the victim’s payroll information and redirect direct deposits to a bank account. This is not a hypothetical situation. Faculty and staff at other institutions have lost their paychecks via this scam. While this hasn’t happened at Carnegie Mellon, analysts warn of a continuing trend.

Stay alert to scams like these. If you are suspicious of any email, confirm with Human Resources, the Information Security Office, or your supervisor before attempting to log in.

For more information: http://www.ren-isac.net/alerts/REN-ISAC_ADVISORY_University_Payroll_Theft_20141112_TLPWHITE.pdf