Do you know that if you receive an email from an employee of your organization requesting you to update his or her bank details and informing you of the new bank account (IBAN) on which to credit their next salaries, it could be a fraud?
How does it work?
Some cyber criminals, by setting up a fake employee mailbox or directly hacking into an employee’s company mailbox, are increasingly sending fake messages to HR managers informing them that they have changed their bank account (IBAN). Reporting the new bank details, which are obviously controlled by the fraudster, they request that future salaries be accredited there.
How to protect your organization?
- Never change an IBAN just because you are asked by email, and always check the sender’s email address.
- It is always preferable to speak by phone or vis-à-vis the employee involved.
But that is not all. Please consider that improper processing of personal information exposes an organization to the risk of incurring one or more of the breaches set out in the privacy regulations.
Continue reading the full version published in Norme e Tributi Plus Lavoro del Il Sole 24 Ore.
