The Austin offices of the Better Business Bureau is warning businesses and nonprofits of a recurring email scam that recently targeted a Central Texas nonprofit.
Last week, the payroll manager for the YMCA of Austin received an email that seemed to be from the group’s chief executive asking for electronic copies of W-2 forms for all employees. But the writing in the email didn’t seem quite right. Words were used incorrectly and sentences lacked punctuation, said Jim Pacey, vice president of operations at the group.
The payroll manager alerted Pacey about the email, who checked in with CEO and president James Finck, who was on vacation that day. Finck told Pacey the email had not come from him.
Adam Price, regional director of the Better Business Bureau in Central, Coastal and Southwest Texas, said this common scheme is often referred to as the “CEO scam.” The criminals either hack an executive’s email or create an email that looks very similar to theirs and asks lower-level employees for either a financial transaction or documents that will reveal personal information.
With that information, the scammers can then perpetrate identity theft, Price said. The FBI estimates that the scam has led to $1.2 billion in losses since October 2013.
Price said the best protection is to have good communication practices within an organization. If an employee receives a request like this, he said, they should follow up by phone with the requester, or ideally, face-to-face.
“It only works if an associate or employee isn’t comfortable asking,” Price said. “If I get an email from a CEO that’s never made a request like this before, that’s a red flag. It needs to pass a smell test.”
Price also said businesses should have policies in place for protecting their data, including guidelines for creating strong passwords that are regularly updated.
Pacey said his payroll manager, who had read news reports about this type of scam, was well-prepared to handle the scheme, but he wanted to make sure other groups who may be targeted in Central Texas were also on alert.
News on Open Source is free and unlimited. Access to the rest of 512tech.com comes with an American-Statesman digital subscription, which also includes myStatesman.com and the ePaper edition. Subscribe at statesman.com/subscribe.