Posted
on Wednesday, October 22, 2025
in
Identity Theft Prevention
In this week’s scam, you receive an email that appears to be from your organization’s human resources (HR) department. The email seems to be related to your compensation and benefits, and contains a link for you to click so that you can log in to your HR portal to find out more information. If you click the link, you’ll be taken to a login page.
However, the email you received is actually a phishing scam, and the login page is a fake page created by cybercriminals to trick you into entering your user information. If you enter your user credentials, scammers will steal this information and use it to log in to your organization’s real HR portal. Once the cybercriminals have gained access to your profile, they change your direct deposit information so that your paychecks will be sent directly to their bank accounts!
Follow these tips to avoid falling victim to this phishing scam:
- Be cautious of any unexpected or urgent emails, even if they appear to be from HR. Scammers use fear and a sense of urgency to trick you into acting without thinking.
- Never click links in an email to log into your work accounts. Instead, open a new window and log in to the official website.
- Always follow your organization's procedures for reporting suspected phishing emails. Quick action helps protect your colleagues and your organization from cyberattacks.
Article provided by:
KnowBe4.com