You have been working hard for the past month and today is payday! You are excited that you will be getting your salary. You start to plan everything, how you are going to reward yourself. Every one of your colleagues’ phones start to ring because of the salary deposited messages. You are not yet worried as it can take a while sometimes and you have never heard of any salary scam.
Now it has been 3 hours and your account is not credited by any amount. You are now worried, you visit the accounts guy and he promptly tells you your salary was credited! That is it, your entire month’s salary gone. But what happened? Where did it go? How did it end up there? Today we will discuss this Salary Scam and how it works. Keep on reading to know more…
How does The Salary Scam start?
One day you receive a message saying that you have got a gift card for the website you keep on shopping regularly. Well of course you will be happy who doesn’t like gift cards afterall, isn’t it? You click on the link and land up on a page that tells you the only thing between you and your gift card is a 2 min survey which you will see after you login via your email id.
You happily login and complete the survey. You also receive the gift card the website promised. The one thing you did not notice is that the website has already got your login credentials very easily, confused how? Have a look at this image below
You will notice that the page on which you made the login was not google’s genuine login portal, instead it was a mockup page created to record the password you just entered.
The Fake Email generation
Getting the email id and the password was the initial step the scammer had to take. The main and the critical part of the scam begins now.
In order to scam your salary the scammer has to create an email that will not look suspicious and also send it to the Accounts department so that they will change your bank account details from the current account in which your salary is deposited to the account the scammer has requested to deposit the salary.
The scammer will very precisely write an email pretending to be you and ask to change the account details. The first step of the scam is completed!
How does the HR department react?
Now when the Accounts Department receives the email which the scammer has sent pretending to be you. The department will check whether the email id matches the email id in their database. Now this verification will be cleared easily as the scammer has sent it through your email. Sometimes the company will not do any verifications whatsoever and change the account details.
But one thing is that the company will for sure send you an email that the request has been accepted and your account details have been changed. This the email the scammer has been waiting for to pop up. As soon as the email is received the scammer immediately deletes the email so that you will never find out about this conversation. The scammers also start sending spam emails to you frequently during this period so that the chances of the account details changing gets ignored.
The salary is gone
So finally the day arrives when you are expecting your salary. Everyone’s mobile rang except yours. You reach out to the Accounts department to realize the entire scenario. He tells you that on your request he changed your account details to the new one provided by you. Then the notification tone rings, but on the scammers phone!
This is how clever scammers have got, luring you into the trap of a gift card and then proceeding to eat up your entire month’s salary!
What should you do to stay safe from this Salary Scam:
- No matter what, always use Two Factor Authentication for your account. So that whenever someone tries to login in your account they will need to enter a code which is only visible on your mobile phone.
- Try to use a different email id for work purposes. So that even if the Scammer gains access to your account the will not do any further damage.
- Always check the websites url before entering your google account details.
- If you suspect something, try entering a wrong password, these websites will not understand whether the password entered was correct or wrong as they are not linked to google databases.
- When you start receiving spam emails at a very high rate than usual immediately start to change your account passwords and restrict every other devices
Remember that precautions are always better than facing the adverse effects. Would you like to change your passwords or lose your salary? Choice is always yours!
The frequency at which this Salary Scam occurs is very less. Because it requires a lot of work to be done and also the success rate of this scam is very less. The Scammer will have to first gain access to your email address which is not that hard if you yourself permit him to do so. But to get you to click these links is a difficult task.
Now even if the scammer has your credentials he will have to send an email pretending to be you to the HR/Accounts department. Even if he sends the email companies will most probably do a cross checking with you that we have got such and such email do you want to do it? That is when you will understand your email id has been compromised.
This scam is not that popular amongst scammer’s because they want to make quick money with less effort. But imagine if someone decides to do it your entire month’s salary is on stake. If he succeeds your entire month’s salary will be gone and never to be seen again!
If you find this article useful share it with your colleagues and make them aware of this ongoing salary scam!
Stay Safe Digitally!