Tech Tuesday: Cybercriminals and Direct Deposit Diversions
Tuesday, October 2, 2018 7:00 AM

Cyber Security Awareness Month

During October, Cornerstone will observe National Cyber Security Awareness Month with Tech Tuesdays to draw attention to the many ways a stable, safe, and resilient cyberspace affects our daily lives and economic vitality in the public and private sectors, especially credit unions.

The Federal Bureau of Investigation frequently distributes public service announcements (PSAs) about cyber threats. This week, we’re bringing attention to the FBI's PSA on cybercriminals who use social engineering techniques to obtain employee credentials and conduct payroll diversion.

The FBI's PSA states:

"Cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Once the cybercriminal has obtained an employee’s credentials, the credentials are used to access the employee’s payroll account in order to change their bank account information. Rules are added by the cybercriminal to the employee’s account preventing the employee from receiving alerts regarding direct deposit changes. Direct deposits are then changed and redirected to an account controlled by the cybercriminal, which is often a prepaid card."

To mitigate the threat of payroll diversion:

  • Alert and educate your workforce about this scheme, including preventative strategies and appropriate reactive measures should a breach occur.
  • Instruct employees to hover their cursor over hyperlinks included in emails they receive to view the actual URL. Ensure the URL is actually related to or associated with the company it purports to be from.
  • Instruct employees to refrain from supplying log-in credentials or personally identifying information in response to any email.
  • Direct employees to forward suspicious requests for personal information to the information technology or human resources department.
  • Ensure that log-in credentials used for payroll purposes differ from those used for other purposes, such as employee surveys.
  • Apply heightened scrutiny to bank information initiated by employees seeking to update or change direct deposit credentials.
  • Monitor employee logins that occur outside normal business hours.
  • Restrict access to the Internet on systems handling sensitive information or implement two-factor authentication for access to sensitive systems and information.
  • Only allow required processes to run on systems handling sensitive information.
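
As an added illustration of the monitoring items in this list (not code from the FBI PSA or from Cornerstone), the Python example below reviews direct deposit changes against the sequence the PSA describes: a login outside business hours, a new mail rule, then a bank account change. The event schema, the business-hours range, the 24-hour look-back window, and the sample events are all assumptions constructed for the example.

```python
from datetime import datetime, timedelta

BUSINESS_HOURS = range(7, 19)   # assumption: 07:00-18:59 local time, Mon-Fri
WINDOW = timedelta(hours=24)    # assumption: look-back window before a change

# Constructed sample audit events (hypothetical schema): time, user, event, detail
EVENTS = [
    ("2018-10-01 09:12", "asmith", "login", "10.0.4.21"),
    ("2018-10-01 09:30", "asmith", "deposit_change", "acct ending 4410"),
    ("2018-10-02 02:47", "bjones", "login", "203.0.113.50"),
    ("2018-10-02 02:51", "bjones", "mail_rule_created",
     "subject contains 'direct deposit' -> delete"),
    ("2018-10-02 02:58", "bjones", "deposit_change", "acct ending 9037"),
    ("2018-10-03 14:05", "clee", "mail_rule_created", "newsletters -> folder"),
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M")

def off_hours(t):
    return t.weekday() >= 5 or t.hour not in BUSINESS_HOURS

def review_deposit_changes(events):
    """Return deposit changes that carry at least one risk indicator."""
    rows = sorted((parse(ts), u, k, d) for ts, u, k, d in events)
    findings = []
    for when, user, kind, detail in rows:
        if kind != "deposit_change":
            continue
        reasons = []
        if off_hours(when):
            reasons.append("change made outside business hours")
        # Look back over the same user's activity before the change.
        for t, u, k, d in rows:
            if u != user or not (when - WINDOW <= t <= when):
                continue
            if k == "login" and off_hours(t):
                reasons.append(f"off-hours login from {d} at {t:%H:%M}")
            elif k == "mail_rule_created":
                reasons.append(f"mail rule created before change: {d}")
        if reasons:
            findings.append({"user": user, "time": when,
                             "detail": detail, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in review_deposit_changes(EVENTS):
        print(f["time"], f["user"], f["detail"], "|", "; ".join(f["reasons"]))
```

Changes that come back with reasons attached are the ones to verify with the employee through a separate channel before payroll runs.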

Victim Reporting

The FBI encourages victims to report information concerning suspicious or criminal activity to their local FBI field office, and file a complaint with the IC3. If your complaint pertains to this particular scheme, then please note payroll diversion in the body of the complaint.

Stop the Data Breaches

Cornerstone also remains concerned about the data breaches that continue at retailers large and small across the country. Visit the Stop the Data Breaches website to learn more about how we can all work to prevent future data breaches and press members of our congressional delegations for legislative solutions. Consumers must have the ability to know if they have been compromised and have the tools to protect themselves, and credit unions should not have to bear the costs of a retailer's data breach.

National Cyber Security Awareness Month has been observed each October in the U.S. since its inception in 2004. Cyber Security Awareness Month encourages vigilance and protection by all computer users.

Security Resources at Your Fingertips

As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
800-442-5762, ext. 6799

Deanna Brown
800-442-5762, ext. 6464