Language switcher

You are here

Salary account fraud on the rise

CERT-EE reports an increase in the number of instances of salary account fraud wherein the employee sends a letter to the HR manager requesting that their salary be transferred to a new bank account starting from the following month. In reality, however, this request is sent by cybercriminals, who take the money.

In the salary account fraud scheme, cybercriminals send a brief e-mail in relatively convincing Estonian to the HR manager, requesting that their salary be transferred to a new bank account starting from the following month. A visual fraud is used – a letter is replaced in the name of the employee or a barely noticeable alteration is made in the domain name (ettevõte.ee vs ettveõte.ee). In addition, the insufficient security of the mail account may be exploited to fake the address of an employee, which is difficult for regular people to notice.

According to Tõnu Tammer, Head of CERT-EE, requests of changing the salary account should be required to be signed digitally. ‘This would help to prevent the majority of salary account fraud and prevent causing financial loss to the company. The exploitation of the company’s e-mail address can be prevented with the DMARC solution, which also displays any misuse of the company’s domain.’

Kertu Kärk
Head of the Communication Department at RIA
5850 9665
kertu.kark@ria.ee

More news on the same subject

12.11.2020

Malware disguised as updates targets Microsoft Teams users

11.11.2020 – Criminals are currently using fake updates to encourage users to download malware through ads that offer updates to Microsoft Teams.

05.11.2020

Experts and organisations were invited to join EU CyberNet Network at the Annual Conference

04.11.2020 – On 30 October, the first EU CyberNet Annual Conference took place at Tallinn Creative Hub focussing on the cyber capacity building projects of the EU, the possibilities for more coordinated and effective delivery of development cooperation, and the role of EU CyberNet in these activities.