Cyber Thieves Targeting Payroll Systems: What You Need to Know

A Sneaky Group Called Storm-2657 Is Causing Trouble

They are breaking into employee accounts to steal salaries.

• Target: Mostly U.S. companies, especially those in higher education.
• Method: Using HR software like Workday.
• Tactic: Tricking people into giving up login details via fake emails.

The Scary Part?

• They are not hacking the software itself.
• They steal passwords and security codes.
• Once inside, they change payment details to send money to their own accounts.

A Recent Case

• 11 accounts at three universities were compromised.
• Almost 6,000 people at 25 universities received fake emails.
• The emails were about illnesses or misconduct to make people click on fake links.

How to Stay Safe

• Use better security methods like FIDO2 security keys.
• Monitor for strange activity, such as unknown devices or suspicious email rules.

The Big Problem

• This shows how important it is to have strong security measures in place.
• Everyone should be careful and think twice before clicking on any suspicious links.