Payday Problems: Cyber-Criminals Steal Payroll Funds From Atlanta Public Schools | Rea CPA


Cyber thieves and scammers continue to showcase their influence by targeting entities in search of monetary gains. Cyber-attacks have reached an all-time high and have started to focus on organizations we once thought were safer than businesses. It seems like more news breaks every day about how school districts are falling victim to cyber criminals and this trend is showing no signs of slowing down. Recently, Atlanta Public Schools found itself in trouble after a cyber-attack was successfully carried out on its payroll system.

This attack was possible because the school district failed to properly train its employees on how to identify cyber-criminal tactics or properly handle a full-fledged cyber-attack.

According to reports, paychecks belonging to 27 Atlanta Public School district employees were stolen when a phishing attack prompted the victims to click on a link specifically engineered to give cyber-criminals access to payroll login information. The cyber-criminals then used the login information to reroute the employees’ direct deposits to accounts that the criminals could access. As a result, the fraudsters got away with $56,459 in payroll funds.

School officials say the district is currently enhancing its security measures and will begin providing additional security training to its employees. And while that may be a step in the right direction, for those who fell victim to this specific attack, the damage is done and, as in most cases, the money will never be recovered.

Protective Measures

So, what can employees and employers do to prevent falling victim to a cyber-attack? Here are some recommendations to protect you and your company from cyber criminals:

For Employees
  1. Never provide login credentials (username and password) in response to email requests. Institutions will rarely ask for login credential information via online communication methods.
  2. Verify the source of email messages before clicking on ANY hyperlinks in the email. Check whether the sender’s email address differs from what you would expect. Hackers often use tactics that make an email appear to come from a trusted source.

If you believe your account has been compromised in any manner, contact your system administrator immediately to confirm the attack and to have your account disabled.

For Employers
  1. Any organization handling sensitive information should use two-step authentication for employee access, which requires login credentials and a separate unrelated passkey for authentication and entrance.
  2. Set up notifications to the employee whenever a direct deposit change is made (using the employee’s email address on file). Employees should also be able to notify the employer if a change was not initiated by them.
  3. Confirm direct deposit changes directly with employees to ensure all changes were authorized.
  4. Review direct deposit changes during the payroll period prior to processing.
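
One way to carry out the review in steps 2 through 4 is sketched below; this is an added example, not code from the original article or from any payroll product. The record fields, sample data and function name are constructed for illustration, and the check for several employees sharing one new destination account is an added heuristic that goes beyond the list above.

```python
from collections import defaultdict
from datetime import date

# Constructed sample change log. Field names are assumptions, not a real payroll export.
# Account values are masked here; compare full routing and account numbers in practice.
CHANGES = [
    {"employee": "E1001", "changed_on": date(2024, 3, 4), "new_account": "****4821",
     "notified": True, "confirmed": True},
    {"employee": "E1002", "changed_on": date(2024, 3, 11), "new_account": "****7730",
     "notified": True, "confirmed": False},
    {"employee": "E1003", "changed_on": date(2024, 3, 11), "new_account": "****7730",
     "notified": False, "confirmed": False},
    {"employee": "E1004", "changed_on": date(2024, 2, 20), "new_account": "****1155",
     "notified": True, "confirmed": True},
]


def review_changes(changes, period_start, period_end):
    """Return {employee: [reasons]} for deposits to hold before payroll is processed."""
    in_period = [c for c in changes
                 if period_start <= c["changed_on"] <= period_end]

    # Group by destination so several employees rerouted to one account stand out.
    by_account = defaultdict(set)
    for c in in_period:
        by_account[c["new_account"]].add(c["employee"])

    holds = {}
    for c in in_period:
        reasons = []
        if not c["notified"]:
            reasons.append("no change notification sent to employee")
        if not c["confirmed"]:
            reasons.append("change not confirmed with employee")
        if len(by_account[c["new_account"]]) > 1:
            reasons.append("destination account shared with another employee")
        if reasons:
            # An employee may have several changes in one period; merge the reasons.
            seen = holds.setdefault(c["employee"], [])
            seen.extend(r for r in reasons if r not in seen)
    return holds


if __name__ == "__main__":
    period = (date(2024, 3, 1), date(2024, 3, 15))
    for emp, reasons in review_changes(CHANGES, *period).items():
        print(emp, "HOLD:", "; ".join(reasons))
```

A held deposit would be paid to the previously verified account, or by another method, until the employee confirms the change through a channel other than email.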

Visit our website for additional information on the topics of cybercrime and data security. You can also read what some of our experts have to say about these topics in our article library. If you have any other questions about a recent data breach or are looking for additional cybersecurity tips and insight, email Rea & Associates for answers.

By Travis Strong, CISA (Wooster, OH)
