Cyber Thieves Targeting Payroll Systems: What You Need to Know

A sneaky group called Storm-2657 is causing trouble. They are breaking into employee accounts to steal salaries. This group is mostly going after U. S. companies, especially those in higher education. They are using HR software like Workday to do this. The scary part? They are not hacking the software itself. Instead, they trick people into giving up their login details. They use fake emails to steal passwords and security codes. Once they have access, they change the payment details to send money to their own accounts. In one case, they got into 11 accounts at three universities. From there, they sent out more fake emails to almost 6, 000 people at 25 universities. These emails were about things like illnesses or misconduct to make people click on fake links. To stay safe, companies should use better security methods. Things like FIDO2 security keys can help stop these attacks. They should also keep an eye out for any strange activity, like unknown devices or suspicious email rules. This is a big problem. It shows how important it is to have strong security measures in place. Everyone should be careful and think twice before clicking on any suspicious links.