The FBI is warning citizens who have direct deposit set up to be alert.
Officials say cybercriminals have been targeting online payroll accounts with emphasis on school districts, universities, and hospitals.
In some cases, officials say employers discover the scam only when employees start complaining that they did not receive their paycheck via direct deposit.
Here’s how the scam works:
It starts with a phishing email that looks very real that tricks you into revealing your login credentials.
Once the scammer has your credentials, the scammer can now use it to access your payroll account to change the direct deposit.
That money is then typically directly deposited onto prepaid cards.
The scammers then use those prepaid cards to get cash withdrawals from ATMs or make purchases.
How can you prevent yourself from becoming a victim?
* Do not give your log-in credentials in response to any email.
* Do not reply and do not click on any suspicious links.
* Keep in mind that phishing emails usually are sent outside normal business hours.
If you suspect you are a victim or have received a phishing email, forward any suspicious requests to your IT or HR departments.