Security

How Hackers Are Capitalizing on Direct Deposit Accounts

Direct deposit is a common practice in today’s world, and it’s how the majority of Americans prefer to be paid for their work. The National Federation of Independent Business (NFIB) estimates that nearly 60% of all employees use direct deposit to receive their pay check. On top of that, more than 90 percent of social security checks are paid via direct deposit. Unfortunately, hackers have begun figuring out how to use direct deposit to their advantage, by breaking into people’s accounts and steal money. To help ensure that this doesn’t happen to you, download dfndr security and take advantage of the anti-theft feature:

Anti-theft will lock down your phone in the event that it is stolen or lost. These attacks are certainly not something that anyone wants to deal with, especially given the fact that it has to do with one’s personal finances and hard earned money!

How Are They Doing It?
Hackers are pretty savvy, and that’s the scary thing! They are now seeking those who have direct deposit set up for their paychecks, and they’re creative about how they gain access. To start, they search social media sites and accounts to find out where random individuals work. Once they locate a corporate logo or some kind of inkling indicating where that person works, they use that information to hack their work email address. From there, they figure out who the given payroll provider is.

Once hackers have this information, they slyly redirect any payroll or direct deposit emails to a junk folder so that the employee won’t be tipped off about anything being amiss. Then, they request an account change with the payroll provider, swapping the information on the direct deposit set up to route the funds to an alternate account. From there on out, the hacker has easy access to the funds every time that a payment comes through.

Alternatively, hackers are targeting institutions such as the Social Security Administration (SSA), which makes it quite easy for hackers to redirect funds. Users have recently reported that their funds have been sent to hackers after they’ve attained their social security numbers and then used that information to change the direct deposit account via phone or even online. Then, individuals are learning of the account information change after it’s too late, once payday has already hit and they have to follow up with the SSA to get their money back and to attempt to secure their account. This is risky business, and the average loss per case of this occurring is $90,000. That means it’s a lucrative venture for hackers, which motivates them to perform these malicious acts.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.