Safeguarding PeopleSoft Against Direct Deposit Theft
A guide to mitigating payroll diversion attacks and keeping ERP data safe
SOLUTION BRIEF
Abstract
On September 18, 2018, the FBI issued an alert [1] stating that “cybercriminals are targeting the online payroll accounts of employees in a variety of industries.” These attacks have since been popularized as payroll diversion scams and direct deposit theft. In most successful attacks, hackers imitate a legitimate sender’s email account and send phishing emails to employees, prompting them to enter their payroll/ERP credentials on a fake login page. Once the employees’ credentials are captured, hackers log in to alter direct deposit information and divert paychecks to a bank account under their own control.
Payroll diversion attacks are accomplished using compromised credentials, and employers typically only learn of the breach once employees begin reporting missing paychecks. Worse, hackers can stay within the system undetected long enough to change the information back, leaving organizations with no clue of what happened. While banking information is the primary target in these attacks, hackers will often explore other parts of the application, potentially exposing sensitive information.
The breach of personally identifiable information (PII) also makes employers liable for penalties under data privacy regulations such as GDPR. Regulatory liabilities increase further when organizations miss breach notification deadlines due to a lack of evidence. In total, the cost, time, and effort associated with detection, remediation, and reporting of payroll diversion attacks can be significant.
Rooted in phishing, the success of this scam relies on social engineering to exploit human error. Unfortunately, no security control can be implemented that removes the human factor, and multiple security leaders [2] agree that human beings are still the weakest link in an organization’s security strategy. The challenge is to build security features that mitigate identity-based threats both before and after credentials are compromised.
In this solution brief we discuss the security challenges associated with handling payroll diversion in PeopleSoft. The document focuses on how user awareness, contextual access controls, and fine-grained data security can help organizations mitigate payroll diversion.
Some notable payroll diversion events [5] from the recent past:
1. In March 2019, 200 employees at the City of Tallahassee did not receive their paychecks after hackers diverted $500,000 of payroll. While the underlying cause of the attack is under investigation, city officials and security experts speculate that it was caused by a phishing attack on the city’s third-party managed payroll system.
2. Hackers are expanding their tactics and targeting not only employees but HR officials as well, convincing them to change direct deposit information on behalf of the employees. While security features cannot block such tactics, user awareness and strict self-service protocols can prevent them from being successful.
3. The University of Pittsburgh warned users of a ‘payroll notification scam’ in which hackers attempted to collect employee usernames and passwords by mimicking the University’s login page.
4. Atlanta Public Schools had $56,459 stolen in a payroll diversion scam and discovered several unauthorized changes to employees’ direct deposit information. It was also reported that confidential data of all 6,000 of the district’s employees may have been compromised in the attack.
5. Several employees at Denver Public Schools in Colorado fell for a phishing email, which resulted in scammers diverting over $40,000 of pay. Hackers used a phishing email so convincing that, despite perimeter security features and user awareness initiatives, 30+ users clicked on it.
Hackers often use ‘calls to action’ in phishing emails to lure victims into their fraudulent login pages, such as:
• Validate employment information
• Claim bonus payout
• Login to complete registration
• Verify identity for confirmation
• Update password for security reasons
Challenges
According to the Verizon Data Breach Investigations Report [3], 30% of phishing messages get opened by targeted users, and 12% of those users click on the malicious attachment or link.
Why Are Hackers Successful?
Most successful payroll diversion attacks stem from hackers who exploit human error to their advantage. These hackers use advanced phishing techniques to prey on unsuspecting employees and lure them into providing valid login credentials to access sensitive information. Despite investment in user awareness and training programs, employees continue to fall for phishing emails. In fact, the frequency of successful attacks has increased significantly in the past couple of years. According to the 2019 State of the Phish report [4], credential compromise rose 70% from 2017 to 2018, and it has increased 280% since 2016.
The Password Problem
The password once used to be the beacon of security, so much so that legacy
ERP applications like PeopleSoft relied only on a username and password for
authentication. However, depending on a single set of credentials is no longer effective!
Conditioning users to enter their password every time they access their account
grooms them for exploitation. As password-based login becomes a routine, almost a
mindless action, users become susceptible to the fraudulent login pages that hackers
are using to phish credentials – and victims may only realize what has happened after
the damage is done.
Mobile & Remote Access Brings New Challenges
Many organizations are choosing to expand access to PeopleSoft self-service
modules to the public internet. The flexibility of remote access allows employees to
perform tasks from anywhere, on any device – delivering increased productivity and
efficiency. However, it also greatly expands an organization’s attack surface.
If employees are granted full access outside a secure corporate network, hackers
who gain access via phished valid credentials will also have no limitations on what
they can access remotely – allowing incidents like payroll diversion to happen.
Limited Visibility Hinders Detection and Response Efforts
Combating payroll diversion requires granular visibility into PeopleSoft activity. Since hackers use phished credentials to gain access, details of what was viewed inside PeopleSoft, together with the user’s device, IP address, and location, must be recorded. Without this information it is extremely difficult to distinguish valid access from compromised access.
Unfortunately, PeopleSoft’s native logging capabilities cannot provide this crucial information. Designed in an era before the proliferation of user-centric threats, PeopleSoft logging was originally built to provide data for testing and troubleshooting. Logs are therefore bulky, system-focused, and impractical to scale to the coverage necessary to record user activity without significant performance implications. For these reasons, most organizations must limit logging to recording only user login and logout activity.
Solution
A multi-pronged approach is required to mitigate the impact of payroll diversion. Organizations must address the “human factor” and focus on reducing the success rate of phishing attacks by training users to recognize, avoid and report suspicious emails and fake login pages. Additionally, security enhancements around data protection can help minimize the repercussions of compromised credentials. Organizations must also strive for actionable intelligence to fast-track threat detection, investigation, reporting and response.
Reduce the Rate of Credential Compromise
Educate Users About Phishing and Payroll Diversion Scams
User awareness is key to thwarting phishing attacks. Continuous education and training programs can help reduce the risk of employees falling for payroll diversion scams. Organizations must invest time and resources in training their employees to:
• Never share credentials or personal information via email; follow up on such requests via chat, phone call or in person
• Be cautious of illegitimate password reset requests, employment validation requests, or other unexpected calls to action that require their credentials
• Click on a sender’s name to verify whether the ‘from’ email address is legitimate, and hover over hyperlinks to review the URL before clicking
• Forward suspicious emails to the HR and IT departments and alert the appropriate contacts if they believe their credentials have been compromised
Eliminate Manual Logins with Single Sign-On for PeopleSoft
Using a Single Sign-On solution means that users are no longer conditioned to manually enter their credentials each time they log in. With this action removed, fraudulent phishing pages that request a manual login will seem out of place and stand a higher chance of being caught by your users.
Appsian’s PeopleSoft SSO Connector brings native SAML compatibility into
PeopleSoft and enables organizations to easily configure Single Sign-On integrated
with their respective Identity Provider. With an SSO solution installed, features
like embedded links allow users to access specific modules without requiring a
password once a login attempt has been authenticated by an identity provider.
Mitigate the Risk of Compromised Access
There’s no foolproof way to combat phishing; every organization will have users who fall prey despite the best preventive measures. Once a hacker obtains valid credentials, application-level security measures that can mitigate malicious access are an organization’s last line of defense.
Appsian Security Platform (ASP) is purpose-built for PeopleSoft and enhances security controls at the field, page, and component levels within the application. By combining contextual user and data information with fine-grained security controls, ASP ensures that sensitive data and transactions stay protected, even when credentials are compromised.
Secure User Identity with Multi-Factor Authentication
Adding a second form of authentication to PeopleSoft means that even if a user’s ID and password are compromised, access can still be blocked. While traditional third-party MFA solutions can be integrated at PeopleSoft login (with custom development), enforcing arbitrary MFA challenges at every login can hinder usability and cause pushback from end users.
ASP enables organizations to contextually enforce MFA challenges at login and inside the application (for example, at the banking information page). Tying in contextual information, such as location, device, or data sensitivity, allows organizations to enforce MFA only where needed, matching security with risk and improving usability.
Protect Remote Access with Location-Based Security
ASP enhances PeopleSoft with contextual access controls that provide the protection necessary in today’s dynamic business environment. Adding flexibility to access control policies, ASP allows organizations to dynamically change privileges based on the context of access. For example, organizations can block remote access to high-risk transactions (e.g. changing bank account information) or enforce additional security measures (such as MFA or data masking) when access comes from outside a trusted network. ASP’s location-based security can significantly reduce the risk of remote access and enables organizations to better align with the principle of least privilege.
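The contextual MFA and location-based rules described in the two sections above, written out as an added Python example (this is not Appsian's product code and not a PeopleSoft API). The component names, the trusted network ranges and the risk tiers are assumptions chosen to illustrate the policy; the one real-world fixed point is that the direct deposit page is treated as the high-risk transaction.

```python
"""Contextual access policy for PeopleSoft self-service pages.

Added example, not Appsian's or Oracle's code: it models a policy in which
the privilege granted depends on the risk of the page and on where the
access comes from. Component names, trusted network ranges and the risk
tiers are assumptions.
"""
from dataclasses import dataclass
from enum import Enum
from ipaddress import ip_address, ip_network


class Risk(Enum):
    LOW = 1        # e.g. the self-service home page
    SENSITIVE = 2  # pages that display PII such as bank account numbers
    HIGH = 3       # transactions that move money, e.g. changing direct deposit


class Decision(Enum):
    ALLOW = "allow"
    ALLOW_MASKED = "allow, but mask sensitive fields"
    REQUIRE_MFA = "step-up MFA required before the page is served"
    DENY = "deny"


# Assumed component names; real PeopleSoft component names vary per install.
COMPONENT_RISK = {
    "HOME": Risk.LOW,
    "PY_IC_PAY_INQ": Risk.SENSITIVE,  # paycheck inquiry, shows account numbers
    "PY_IC_DIR_DEP": Risk.HIGH,       # direct deposit maintenance
}

# Assumed corporate address space; anything else counts as remote access.
TRUSTED_NETWORKS = [ip_network("10.0.0.0/8"), ip_network("192.168.50.0/24")]


@dataclass
class AccessContext:
    user: str
    component: str
    client_ip: str
    mfa_verified: bool = False       # passed a step-up challenge this session
    device_registered: bool = False  # known corporate or enrolled device


def on_trusted_network(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in TRUSTED_NETWORKS)


def evaluate(ctx: AccessContext) -> Decision:
    """Combine the page's risk tier with the context of access.

    Unknown components are treated as SENSITIVE so that a newly exposed page
    is masked by default when reached remotely.
    """
    risk = COMPONENT_RISK.get(ctx.component, Risk.SENSITIVE)
    trusted = on_trusted_network(ctx.client_ip)

    if risk is Risk.HIGH:
        # Money-moving pages: block remote access from unregistered devices
        # outright; otherwise challenge at the page itself, not only at login,
        # so a phished password alone is never enough to change bank details.
        if not trusted and not ctx.device_registered:
            return Decision.DENY
        return Decision.ALLOW if ctx.mfa_verified else Decision.REQUIRE_MFA

    if risk is Risk.SENSITIVE:
        # PII is shown in full inside the trusted network; outside it the
        # fields are masked unless the user has completed a step-up challenge.
        if trusted or ctx.mfa_verified:
            return Decision.ALLOW
        return Decision.ALLOW_MASKED

    return Decision.ALLOW


def mask_account(account_number: str, visible: int = 4) -> str:
    """Render an account number the way a masked field would display it."""
    if len(account_number) <= visible:
        return "*" * len(account_number)
    return "*" * (len(account_number) - visible) + account_number[-visible:]


if __name__ == "__main__":
    # Constructed requests: a phished password used from outside the network
    # versus the same employee at their desk.
    for ctx in (
        AccessContext("emp01", "PY_IC_DIR_DEP", "203.0.113.5"),
        AccessContext("emp01", "PY_IC_DIR_DEP", "10.1.2.3"),
        AccessContext("emp01", "PY_IC_PAY_INQ", "203.0.113.5"),
    ):
        print(ctx.component, ctx.client_ip, "->", evaluate(ctx).value)
```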
Gain Direct Visibility into PeopleSoft with User Activity Logging
ASP records user activity on a granular level, enabling organizations to identify
suspicious access and follow up on user-activity around banking information.
Combined with fine-grained security features, ASP generates detailed logs enriched
with contextual information such as the location of access, what was viewed,
when, by whom, device, IP address and more. By providing a full audit trail of user
activity, ASP’s logs allow security teams know exactly what was accessed when a
user’s credentials were compromised. These logs also help organizations fast-track
incident response and stay prepared for regulatory or internal reporting.
Deploy Real-Time Analytics to Expedite Detection and Response
Detailed PeopleSoft user activity logs are fundamental to security audits. Without this
information most organizations would be flying blind. However, manual analysis must
still be performed, and this takes time.
ASP’s Real-Time Analytics extension allows customers to visualize detailed user activity logs on SIEM dashboards to gain actionable intelligence. Data visualizations highlight noteworthy patterns and trends, enabling customers to quickly identify suspicious activity. Drill-down capabilities allow security teams to further investigate suspicious transactions and view a complete audit trail of a user’s activity. By reducing the time required to detect and investigate security incidents, ASP improves PeopleSoft incident response capabilities and alleviates the pressure of looming breach notification deadlines.
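To make concrete what the enriched logs from the previous two sections allow a security team to detect, here is an added Python example (not Appsian's code and not ASP's log format) that runs three rules over constructed log lines: a direct deposit change made from outside the trusted network, a change that the same user reverts within a window (the "change it back" behaviour the abstract describes), and one destination account written into several employees' records. The log layout, the component name PY_IC_DIR_DEP, the trusted range and every sample value are assumptions.

```python
"""Detection rules over contextual PeopleSoft activity logs.

Added example, not Appsian's or Oracle's code. The log format, the component
name PY_IC_DIR_DEP, the trusted network and the sample lines are constructed
to show three patterns: direct-deposit changes made from outside the trusted
network, a change quietly reverted later, and one destination account written
into several employees' records.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

TRUSTED_NETWORKS = [ip_network("10.0.0.0/8")]  # assumed corporate range
DIRECT_DEPOSIT_COMPONENT = "PY_IC_DIR_DEP"      # assumed component name

# Constructed log lines: ts|user|action|component|field|old|new|ip|country|device
SAMPLE_LOG = """\
2019-06-03T08:02:11|jdoe|LOGIN|||||10.1.4.22|US|corp-laptop-17
2019-06-04T02:14:05|jdoe|LOGIN|||||198.51.100.23|RO|unknown-android
2019-06-04T02:15:30|jdoe|UPDATE|PY_IC_DIR_DEP|ACCOUNT_NBR|111122223333|999900001111|198.51.100.23|RO|unknown-android
2019-06-04T02:17:10|asmith|UPDATE|PY_IC_DIR_DEP|ACCOUNT_NBR|444455556666|999900001111|198.51.100.23|RO|unknown-android
2019-06-05T09:10:00|bwong|UPDATE|PY_IC_DIR_DEP|ACCOUNT_NBR|777700001234|777700005678|10.1.4.80|US|corp-laptop-02
2019-06-06T02:20:00|jdoe|UPDATE|PY_IC_DIR_DEP|ACCOUNT_NBR|999900001111|111122223333|198.51.100.23|RO|unknown-android
"""


@dataclass(frozen=True)
class Event:
    ts: datetime
    user: str
    action: str
    component: str
    field: str
    old: str
    new: str
    ip: str
    country: str
    device: str


def parse_log(text):
    """Parse the pipe-delimited lines and return them in time order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("|")
        if len(parts) != 10:
            raise ValueError(f"malformed log line: {line!r}")
        events.append(Event(datetime.fromisoformat(parts[0]), *parts[1:]))
    return sorted(events, key=lambda e: e.ts)


def on_trusted_network(ip):
    return any(ip_address(ip) in net for net in TRUSTED_NETWORKS)


def direct_deposit_changes(events):
    return [e for e in events
            if e.action == "UPDATE" and e.component == DIRECT_DEPOSIT_COMPONENT]


def untrusted_changes(events):
    """Bank detail changes from outside the trusted network; the reason also notes
    a country the user has never been seen from while inside that network."""
    home = defaultdict(set)
    for e in events:
        if on_trusted_network(e.ip):
            home[e.user].add(e.country)
    flagged = []
    for e in direct_deposit_changes(events):
        if not on_trusted_network(e.ip):
            unfamiliar = home[e.user] and e.country not in home[e.user]
            reason = "outside trusted network" + ("; unfamiliar country" if unfamiliar else "")
            flagged.append((e, reason))
    return flagged


def change_and_revert(events, window=timedelta(days=30)):
    """A change whose exact reverse the same user applies within the window: the
    pattern of an attacker restoring the original account after a pay run."""
    changes = direct_deposit_changes(events)
    pairs = []
    for i, first in enumerate(changes):
        for later in changes[i + 1:]:
            if (later.user == first.user and later.field == first.field
                    and later.old == first.new and later.new == first.old
                    and later.ts - first.ts <= window):
                pairs.append((first, later))
    return pairs


def shared_destinations(events):
    """One destination account number written into more than one employee's record."""
    users_by_account = defaultdict(set)
    for e in direct_deposit_changes(events):
        if e.field == "ACCOUNT_NBR":
            users_by_account[e.new].add(e.user)
    return {acct: sorted(users)
            for acct, users in users_by_account.items() if len(users) > 1}


def analyze(text):
    """Run all three rules and return the findings keyed by rule name."""
    events = parse_log(text)
    return {"untrusted": [(e.user, e.ts.isoformat(), why) for e, why in untrusted_changes(events)],
            "reverts": [(a.user, a.ts.isoformat(), b.ts.isoformat()) for a, b in change_and_revert(events)],
            "shared_destinations": shared_destinations(events)}
```

Running `analyze(SAMPLE_LOG)` flags all three changes made from 198.51.100.23, pairs jdoe's change with its reversal two days later, and reports account 999900001111 as shared by asmith and jdoe, while bwong's on-network change is left alone.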
Summary
Payroll diversion scams can cause direct and unrecoverable monetary damage. The repercussions of attacks can escalate to regulatory non-compliance and associated penalties if remediation and reporting efforts are slow. Well-planned security layers combined with user awareness can be instrumental in preventing payroll diversion. However, organizations must always be prepared to mitigate imminent threats. With continuous user-activity monitoring and deep visibility into payroll activity, organizations can achieve the oversight needed to respond to threats effectively.
About Appsian’s Security Platform
Appsian Security Platform (ASP) allows PeopleSoft customers to enhance their security posture by
enabling fine-grained data protection and contextually aware security features. ASP is the only solution
of its kind that natively integrates into the PeopleSoft webserver without requiring additional hardware or
impacting the underlying PeopleCode and future updates.
By layering identity verification and contextual access control capabilities, ASP can help organizations prevent damaging payroll diversion attacks. Furthermore, granular logging and deep activity monitoring simplify incident response efforts. The best part: ASP is cost-effective and has a shorter implementation timeline than the alternative of multiple custom integration projects.
8111 Lyndon B Johnson Fwy. Dallas, TX 75251 | +1 (469) 906-2100 | info@appsian.com
© Appsian 2019
References
1. https://www.ic3.gov/media/2018/180918.aspx
2. https://securityintelligence.com/how-to-build-a-corporate-culture-of-cyber-awareness/
3. https://www.ictsecuritymagazine.com/wp-content/uploads/2017-Data-Breach-Investigations-Report.pdf
4. https://www.proofpoint.com/sites/default/files/pfpt-us-tr-state-of-the-phish-2019.pdf
5. Payroll diversion events:
   https://www.tallahassee.com/story/news/2019/04/05/almost-500-k-swiped-city-tallahassee-payroll-hack/3379242002/
   https://www.vadesecure.com/en/vade-secure-uncovers-ongoing-direct-deposit-spear-phishing-attacks/
   https://www.technology.pitt.edu/news-and-alerts/phishing-alert-pittsburgh-payroll-notification-scam-mimics-pitt-passport-login-page
   https://www.ajc.com/news/local-education/atlanta-schools-says-confidential-data-for-all-employees-potentially-exposed/gGg8UGVudZmQH6b9Ao9geI/
   https://kdvr.com/2017/04/05/phishing-scam-diverts-more-than-40k-from-denver-public-schools/

Más contenido relacionado

La actualidad más candente

Article how can organisations tackle business email compromise - paul wright
Article  how can organisations tackle business email compromise - paul wrightArticle  how can organisations tackle business email compromise - paul wright
Article how can organisations tackle business email compromise - paul wrightPaul Wright MSc
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014EMC
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Securityanjuselina
 
Spear Phishing 101
Spear Phishing 101Spear Phishing 101
Spear Phishing 101Sendio
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
Seminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemSeminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemNarendra Singh
 

La actualidad más candente (18)

P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Article how can organisations tackle business email compromise - paul wright
Article  how can organisations tackle business email compromise - paul wrightArticle  how can organisations tackle business email compromise - paul wright
Article how can organisations tackle business email compromise - paul wright
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
 
Spear Phishing 101
Spear Phishing 101Spear Phishing 101
Spear Phishing 101
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing
PhishingPhishing
Phishing
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
Phishing
PhishingPhishing
Phishing
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacks
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
Seminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemSeminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII Sem
 

Similar a Safeguarding PeopleSoft Against Direct Deposit Theft

Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenCMR WORLD TECH
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
Appsian securing mobile_ess_solution_brief
Appsian securing mobile_ess_solution_briefAppsian securing mobile_ess_solution_brief
Appsian securing mobile_ess_solution_briefAppsian
 
Peoplesoft Best Practices for Maintaining Security
Peoplesoft Best Practices for Maintaining SecurityPeoplesoft Best Practices for Maintaining Security
Peoplesoft Best Practices for Maintaining SecurityAppsian
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft ErpAppsian
 
Account Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionAccount Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionKalin Hitrov
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...IRJET Journal
 
Combating Phishing Attacks
Combating Phishing AttacksCombating Phishing Attacks
Combating Phishing AttacksRapid7
 
Stay safe online- understanding authentication methods
Stay safe online- understanding authentication methodsStay safe online- understanding authentication methods
Stay safe online- understanding authentication methodsdeorwine infotech
 
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docx
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docxRunning head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docx
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docxtodd521
 
Learn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf SecurityLearn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf SecurityAardwolf Security
 
Atha Corporation[Type text]To All EmployeesCC Exec.docx
Atha Corporation[Type text]To All EmployeesCC Exec.docxAtha Corporation[Type text]To All EmployeesCC Exec.docx
Atha Corporation[Type text]To All EmployeesCC Exec.docxjaggernaoma
 
Best Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxBest Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxArindamGhosal6
 
Cyber security
Cyber securityCyber security
Cyber securityJoseMerda1
 
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryHuman Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryCR Group
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingmentAswani34
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkJahangirnagar University
 

Similar a Safeguarding PeopleSoft Against Direct Deposit Theft (20)

Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
 
Appsian securing mobile_ess_solution_brief
Appsian securing mobile_ess_solution_briefAppsian securing mobile_ess_solution_brief
Appsian securing mobile_ess_solution_brief
 
Peoplesoft Best Practices for Maintaining Security
Peoplesoft Best Practices for Maintaining SecurityPeoplesoft Best Practices for Maintaining Security
Peoplesoft Best Practices for Maintaining Security
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft Erp
 
Account Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionAccount Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full Protection
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
 
Combating Phishing Attacks
Combating Phishing AttacksCombating Phishing Attacks
Combating Phishing Attacks
 
Stay safe online- understanding authentication methods
Stay safe online- understanding authentication methodsStay safe online- understanding authentication methods
Stay safe online- understanding authentication methods
 
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docx
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docxRunning head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docx
Running head SOCIAL ENGINEERING1SOCIAL ENGINEERING 6As a .docx
 
Learn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf SecurityLearn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf Security
 
Atha Corporation[Type text]To All EmployeesCC Exec.docx
Atha Corporation[Type text]To All EmployeesCC Exec.docxAtha Corporation[Type text]To All EmployeesCC Exec.docx
Atha Corporation[Type text]To All EmployeesCC Exec.docx
 
Best Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docxBest Cyber Security Courses In Bangladesh.docx
Best Cyber Security Courses In Bangladesh.docx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryHuman Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
 
Data breach
Data breachData breach
Data breach
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingment
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
 

Más de Appsian

Appsian payroll diversion_infographic
Appsian payroll diversion_infographicAppsian payroll diversion_infographic
Appsian payroll diversion_infographicAppsian
 
Appsian compliance risk_analytics_data_sheet(1)
Appsian compliance risk_analytics_data_sheet(1)Appsian compliance risk_analytics_data_sheet(1)
Appsian compliance risk_analytics_data_sheet(1)Appsian
 
2020 content sap_solution_brief_saprecon
2020 content sap_solution_brief_saprecon2020 content sap_solution_brief_saprecon
2020 content sap_solution_brief_sapreconAppsian
 
Asp for sap_data_sheet___appsian_application_security_platform_2019
Asp for sap_data_sheet___appsian_application_security_platform_2019Asp for sap_data_sheet___appsian_application_security_platform_2019
Asp for sap_data_sheet___appsian_application_security_platform_2019Appsian
 
Appsian remote access_infographic
Appsian remote access_infographicAppsian remote access_infographic
Appsian remote access_infographicAppsian
 
Effective multi factor authentication for people soft
Effective multi factor authentication for people softEffective multi factor authentication for people soft
Effective multi factor authentication for people softAppsian
 
Asp for sap_data_sheet___appsian_application_security_platform_2019
Asp for sap_data_sheet___appsian_application_security_platform_2019Asp for sap_data_sheet___appsian_application_security_platform_2019
Asp for sap_data_sheet___appsian_application_security_platform_2019Appsian
 
4. data security eb__1_
4. data security eb__1_4. data security eb__1_
4. data security eb__1_Appsian
 
Sap rba cplus_abac_datasheet_appsian_2020
Sap rba cplus_abac_datasheet_appsian_2020Sap rba cplus_abac_datasheet_appsian_2020
Sap rba cplus_abac_datasheet_appsian_2020Appsian
 
Establishing CCPA Compliance in Legacy PeopleSoft Systems
Establishing CCPA Compliance in Legacy PeopleSoft SystemsEstablishing CCPA Compliance in Legacy PeopleSoft Systems
Establishing CCPA Compliance in Legacy PeopleSoft SystemsAppsian
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftAppsian
 
Appsian360 For SAP and PeopleSoft
Appsian360 For SAP and PeopleSoftAppsian360 For SAP and PeopleSoft
Appsian360 For SAP and PeopleSoftAppsian
 
Sap Grc Security
Sap Grc SecuritySap Grc Security
Sap Grc SecurityAppsian
 

Más de Appsian (13)


Safeguarding PeopleSoft Against Direct Deposit Theft

A guide to mitigating payroll diversion attacks and keeping ERP data safe
SOLUTION BRIEF
Abstract

On September 18, 2018, the FBI issued an alert [1] stating that "cybercriminals are targeting the online payroll accounts of employees in a variety of industries." These attacks have since become known as payroll diversion scams and direct deposit theft. In most successful attacks, hackers imitate a legitimate sender's email account and send phishing emails to employees, prompting them to enter their payroll/ERP credentials on a fake login page. Once the credentials are captured, the hackers log in, alter the employee's direct deposit information and divert the paycheck to a bank account under their own control.

Payroll diversion attacks are carried out with compromised credentials, and employers typically only learn of the breach once employees begin reporting missing paychecks. Worse, a hacker who stays in the system undetected can change the banking details back after the pay run, leaving the organization with little evidence of what happened. While banking information is the primary target, hackers will often explore other parts of the application, potentially exposing further sensitive information.

A breach of personally identifiable information (PII) also exposes employers to penalties under data privacy regulations such as GDPR. Regulatory liability increases further when an organization misses a breach notification deadline because it lacks the evidence to establish what was accessed. In total, the cost, time and effort associated with detecting, remediating and reporting payroll diversion attacks can be significant.

Rooted in phishing, the success of this scam relies on social engineering that exploits human error. No technical control eliminates the human factor entirely, and multiple security leaders [2] agree that people remain the weakest link in an organization's security strategy. The challenge is therefore to build security features that mitigate identity-based threats both before and after credentials are compromised.

This solution brief discusses the security challenges associated with handling payroll diversion in PeopleSoft. It focuses on how user awareness, contextual access controls and fine-grained data security can help organizations mitigate payroll diversion.
Some notable payroll diversion events from the recent past [5]:

1. In March 2019, 200 employees at the City of Tallahassee did not receive their paychecks after hackers diverted $500,000 of payroll. While the root cause of the attack was still under investigation, city officials and security experts believed it was a phishing attack against the city's third-party managed payroll system.
2. Hackers are expanding their tactics and targeting not only employees but HR staff as well, convincing them to change direct deposit information on behalf of an employee. Application security features alone cannot stop this tactic, but user awareness and strict verification protocols for self-service changes can keep it from succeeding.
3. The University of Pittsburgh warned users of a "payroll notification scam" in which hackers attempted to collect employee usernames and passwords by mimicking the University's login page.
4. Atlanta Public Schools had $56,459 stolen in a payroll diversion scam and discovered several unauthorized changes to employees' direct deposit information. It was also reported that confidential data of all 6,000 of the district's employees may have been compromised in the attack.
5. Several employees at Denver Public Schools in Colorado fell for a phishing email, and scammers diverted over $40,000 of pay. The phishing email was convincing enough that, despite perimeter security controls and user awareness initiatives, more than 30 users clicked on it.
Challenges

Why Are Hackers Successful?

According to the Verizon Data Breach Investigations Report [3], 30% of phishing messages get opened by targeted users, and 12% of those users click on the malicious attachment or link. Most successful payroll diversion attacks stem from hackers who exploit human error to their advantage. They use well-crafted phishing emails to prey on unsuspecting employees and lure them into providing valid login credentials, which are then used to access sensitive information.

Hackers often use "calls to action" in phishing emails to lure victims to their fraudulent login pages, such as:

- Validate employment information
- Claim bonus payout
- Login to complete registration
- Verify identity for confirmation
- Update password for security reasons

Despite investment in user awareness and training programs, employees continue to fall for phishing emails. In fact, the frequency of successful attacks has increased significantly in the past couple of years. According to the 2019 State of the Phish report [4], credential compromise rose 70% from 2017 to 2018 and has increased 280% since 2016.
The Password Problem

The password was once the beacon of security, so much so that legacy ERP applications like PeopleSoft relied on a username and password alone for authentication. Depending on a single set of credentials is no longer effective. Conditioning users to enter their password every time they access their account grooms them for exploitation: as password-based login becomes routine, almost a mindless action, users become susceptible to the fraudulent login pages that hackers use to phish credentials, and victims may only realize what has happened after the damage is done.

Mobile & Remote Access Brings New Challenges

Many organizations are choosing to expose PeopleSoft self-service modules to the public internet. The flexibility of remote access allows employees to perform tasks from anywhere, on any device, delivering increased productivity and efficiency. However, it also greatly expands the organization's attack surface. If employees are granted full access from outside the corporate network, a hacker who logs in with phished credentials has the same unrestricted remote access, which is exactly what allows an incident like payroll diversion to happen.

Limited Visibility Hinders Detection and Response Efforts

Combating payroll diversion requires granular visibility into PeopleSoft activity. Since hackers use phished credentials to gain access, the details of what was viewed and changed inside PeopleSoft, together with the user's device, IP address and location, must be recorded. Without this information it is extremely difficult to distinguish legitimate access from compromised access.

PeopleSoft's native logging was not designed to provide this information. Built in an era before the proliferation of user-centric threats, it was originally intended to produce data for testing and troubleshooting. As a result, the logs are bulky, system-focused and impractical to scale to the coverage necessary to record user activity without significant performance impact. For these reasons, most organizations limit logging to recording user login and logout activity only.
Solution

A multi-pronged approach is required to mitigate the impact of payroll diversion. Organizations must address the "human factor" and focus on reducing the success rate of phishing attacks by training users to recognize, avoid and report suspicious emails and fake login pages. Additionally, security enhancements around data protection can minimize the repercussions of compromised credentials. Organizations must also strive for actionable intelligence to fast-track threat detection, investigation, reporting and response.

Reduce the Rate of Credential Compromise

Educate Users About Phishing and Payroll Diversion Scams

User awareness is key to thwarting phishing attacks. Continuous education and training programs can reduce the risk of employees falling for payroll diversion scams. Organizations must invest time and resources in training their employees to:

- Never share credentials or personal information via email. Follow up on requests via chat, phone call or in person.
- Be cautious of unexpected password reset requests, employment validation requests or other calls to action that require their credentials.
- Click on a sender's name to verify that the "from" email address is legitimate, and review URLs by hovering the cursor over hyperlinks before clicking.
- Forward suspicious emails to the HR and IT departments, and alert the appropriate contacts if they believe their credentials have been compromised.
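The last two training points above (looking at the real From address behind a display name, and at the real target behind a link) are checks a mail gateway or a help-desk triage script can perform as well. The following is an added example, not part of the original brief and not Appsian's or PeopleSoft's code: it runs those two checks over a constructed phishing message. The trusted domain, every address and host, and the message text are assumptions made up for the example.

```python
"""Added example (not from the original brief): automate the 'check the real
From address' and 'hover over the link' training points over a constructed
phishing email. Trusted domain, addresses, hosts and body are all assumptions."""
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the employer's legitimate mail and web domain(s).
TRUSTED_DOMAINS = {"example-university.edu"}

# Constructed phishing message. The display name carries a trusted-looking
# address while the real sender is elsewhere; the link text shows the genuine
# portal URL while the href goes to a look-alike host.
SAMPLE_EMAIL = """\
From: "Payroll Office <payroll@example-university.edu>" <noreply@hr-payroll-update.example.net>
To: staff@example-university.edu
Subject: Action required: validate your direct deposit before Friday
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your payroll record requires validation before the next pay run.</p>
<p><a href="https://example-university.edu.login-verify.example.net/sso">
https://my.example-university.edu/payroll/direct-deposit</a></p>
</body></html>
"""

def domain_of(address: str) -> str:
    """Lower-cased domain part of an email address."""
    return address.rpartition("@")[2].lower()

def is_trusted_host(host: str) -> bool:
    """True if host is a trusted domain or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def check_sender(from_header: str) -> list:
    """Compare the display name with the actual From address."""
    name, address = parseaddr(from_header)
    findings = []
    if not is_trusted_host(domain_of(address)):
        findings.append(f"From address {address!r} is not on a trusted domain")
    # A display name containing a trusted address is impersonation when the
    # real address belongs to a different domain.
    for token in name.replace("<", " ").replace(">", " ").split():
        if "@" in token and is_trusted_host(domain_of(token)) \
                and domain_of(token) != domain_of(address):
            findings.append(f"display name claims {token!r} but real sender is {address!r}")
    return findings

class LinkCollector(HTMLParser):
    """Collect [href, visible text] pairs for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href", ""), ""]
            self.links.append(self._current)
    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self._current = None

def check_links(html: str) -> list:
    """Flag links whose visible URL differs from the real target, and links
    whose real target is not a trusted host (what hovering would reveal)."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        real_host = urlparse(href).hostname or ""
        shown_host = urlparse(text.strip()).hostname if "://" in text else None
        if shown_host and shown_host.lower() != real_host.lower():
            findings.append(f"link text shows {shown_host!r} but points to {real_host!r}")
        if not is_trusted_host(real_host):
            findings.append(f"link points to untrusted host {real_host!r}")
    return findings

def triage(raw_email: str) -> dict:
    """Run both checks over a raw message; empty lists mean nothing was flagged."""
    msg = message_from_string(raw_email)
    body = "" if msg.is_multipart() else msg.get_payload()
    return {"sender": check_sender(msg["From"] or ""), "links": check_links(body)}

if __name__ == "__main__":
    for category, items in triage(SAMPLE_EMAIL).items():
        for item in items:
            print(f"{category}: {item}")
```

Run against the constructed message, the sender check reports both the untrusted real domain and the impersonating display name, and the link check reports that the visible `my.example-university.edu` URL actually points at the look-alike host. A message from a trusted address whose links all resolve to trusted hosts produces no findings.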
Eliminate Manual Logins with Single Sign-On for PeopleSoft

Using a Single Sign-On solution means that users are no longer conditioned to type their credentials each time they log in. Once that habit is removed, a fraudulent phishing page that asks for a manual login looks out of place and stands a higher chance of being recognized and reported by users.

Appsian's PeopleSoft SSO Connector brings native SAML compatibility into PeopleSoft and enables organizations to configure Single Sign-On integrated with their identity provider. With SSO in place, features like embedded links allow users to reach specific modules without entering a password once the identity provider has authenticated the session.

Mitigate the Risk of Compromised Access

There is no foolproof way to combat phishing; every organization will have users who fall prey despite the best preventive measures. Once a hacker obtains valid credentials, application-level security measures that can limit malicious access are the organization's last line of defense. Appsian Security Platform (ASP) is purpose-built for PeopleSoft and enhances security controls at the field, page and component levels within the application. By combining contextual user and data information with fine-grained security controls, ASP keeps sensitive data and transactions protected even when credentials are compromised.
Secure User Identity with Multi-Factor Authentication

Adding a second form of authentication to PeopleSoft means that even if a user's ID and password are compromised, access can still be blocked. While traditional third-party MFA solutions can be integrated at PeopleSoft login (with custom development), enforcing an MFA challenge at every login hinders usability and causes pushback from end users. ASP enables organizations to enforce MFA challenges contextually, both at login and inside the application (for example, on the banking information page). Tying in contextual information such as location, device or data sensitivity allows organizations to enforce MFA only where needed, matching the strength of the control to the risk and improving usability.

Protect Remote Access with Location-Based Security

ASP enhances PeopleSoft with contextual access controls that provide the protection necessary in today's dynamic business environment. Adding flexibility to access control policies, ASP allows organizations to change privileges dynamically based on the context of access. For example, an organization can block remote access to high-risk transactions (such as changing bank account information) or enforce additional measures (such as MFA or data masking) when access originates outside a trusted network. Location-based security can significantly reduce the risk of remote access and helps organizations align more closely with the principle of least privilege.

Gain Direct Visibility into PeopleSoft with User Activity Logging

ASP records user activity at a granular level, enabling organizations to identify suspicious access and follow up on activity around banking information. Combined with its fine-grained security features, ASP generates detailed logs enriched with contextual information such as the location of access, what was viewed, when, by whom, the device, the IP address and more. By providing a full audit trail of user activity, these logs let security teams know exactly what was accessed while a user's credentials were compromised. They also help organizations fast-track incident response and stay prepared for regulatory or internal reporting.
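The contextual MFA and location-based rules described above can be written down as a small policy function, which makes the intended behaviour reviewable before it is configured in any product. The following is an added example, not Appsian's or PeopleSoft's code: a policy evaluator that decides, for a request to a PeopleSoft component, whether to allow, challenge for MFA, serve masked data or deny, based on the source network, the device and the sensitivity of the action. The component names, the trusted network ranges and the rule set are assumptions for illustration.

```python
"""Added example (not Appsian's or PeopleSoft's code): a contextual access
policy for the direct deposit page. Component names, trusted networks and
the rules are assumptions chosen to illustrate the controls described above."""
import ipaddress
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    STEP_UP_MFA = "step_up_mfa"  # challenge the user before serving the request
    MASK = "allow_masked"        # serve the page with sensitive fields masked
    DENY = "deny"

# Assumption: corporate and VPN ranges treated as the trusted network.
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8"),
                    ipaddress.ip_network("192.168.50.0/24")]

# Assumption: hypothetical component names and their sensitivity.
HIGH_RISK_WRITE = {"PY_DIRECT_DEPOSIT"}                    # changing bank account info
SENSITIVE_READ = {"PY_DIRECT_DEPOSIT", "HR_PERSONAL_DATA"}  # PII and banking pages

@dataclass(frozen=True)
class Request:
    user: str
    component: str
    action: str           # "view" or "update"
    source_ip: str
    mfa_completed: bool   # this session already passed a step-up challenge
    managed_device: bool  # request comes from a corporate-enrolled device

def is_trusted_network(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETWORKS)

def evaluate(req: Request) -> Decision:
    """Most restrictive rule first; the first match wins."""
    remote = not is_trusted_network(req.source_ip)
    high_risk_write = req.component in HIGH_RISK_WRITE and req.action == "update"

    # Rule 1: no bank-account changes from outside the trusted network on an
    # unmanaged device, even with MFA. This is the payroll-diversion path.
    if high_risk_write and remote and not req.managed_device:
        return Decision.DENY
    # Rule 2: every bank-account change requires a step-up MFA challenge,
    # also on the trusted network, because the password may already be phished.
    if high_risk_write and not req.mfa_completed:
        return Decision.STEP_UP_MFA
    # Rule 3: remote viewing of sensitive pages without MFA gets masked data.
    if req.component in SENSITIVE_READ and remote and not req.mfa_completed:
        return Decision.MASK
    return Decision.ALLOW

if __name__ == "__main__":
    phished = Request("jdoe", "PY_DIRECT_DEPOSIT", "update", "203.0.113.5", True, False)
    print(evaluate(phished).value)
```

The ordering matters: a phished credential used from an unknown network and device is denied outright regardless of MFA state, a change attempted from a managed laptop off-network is challenged, and an on-network change still requires the step-up, while an ordinary self-service page from any location is left alone so the policy does not get in the way of legitimate remote work.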
Deploy Real-Time Analytics to Expedite Detection and Response

Detailed PeopleSoft user activity logs are fundamental to security audits; without this information most organizations are flying blind. However, someone still has to analyze the logs, and manual analysis takes time. ASP's Real-Time Analytics extension lets customers visualize detailed user activity logs on SIEM dashboards to gain actionable intelligence. Data visualizations highlight noteworthy patterns and trends, enabling customers to identify suspicious activity quickly. Drill-down capabilities allow security teams to investigate suspicious transactions further and view a complete audit trail of a user's activity. By reducing the time required to detect and investigate security incidents, ASP improves PeopleSoft incident response capabilities and alleviates the pressure of looming breach notification deadlines.

Summary

Payroll diversion scams cause direct and often unrecoverable monetary damage. The repercussions of an attack can escalate to regulatory non-compliance and associated penalties if remediation and reporting are slow. Well-designed security layers combined with user awareness can be instrumental in preventing payroll diversion. However, organizations must always be prepared to mitigate imminent threats. With continuous user-activity monitoring and deep visibility into payroll activity, organizations can achieve the oversight needed to respond to threats effectively.

About Appsian's Security Platform

Appsian Security Platform (ASP) allows PeopleSoft customers to enhance their security posture by enabling fine-grained data protection and contextually aware security features. ASP is the only solution of its kind that integrates natively into the PeopleSoft web server without requiring additional hardware or modifying the underlying PeopleCode, and without interfering with future updates. By layering identity verification and contextual access control capabilities, ASP can help organizations prevent damaging payroll diversion attacks, while granular logging and deep activity monitoring simplify incident response. ASP is also cost effective and has a shorter implementation timeline than the alternative of multiple custom integration projects.
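The user activity logging and real-time analytics sections above describe the data a security team would be looking at; the following is an added example, not Appsian's or PeopleSoft's code, of three detections a team might run over such enriched logs: a direct deposit change made from a country the user had never logged in from in an earlier session, a change reverted within a pay cycle (the "change it back" pattern from the abstract), and one destination account set on several employees' records. The log format, the field names, the component name and every event are constructed for the example; real PeopleSoft or ASP logs will look different.

```python
"""Added example (not Appsian's or PeopleSoft's code): three payroll-diversion
detections over constructed, enriched user-activity logs. Log format, field
names, component name and all events are assumptions for illustration."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log. Fields: timestamp|user|event|component|source_ip|country|detail
# "alice" is phished: a login from a new country changes her account, and a later
# login changes it back. "bob" is redirected to the same mule account.
SAMPLE_LOG = """\
2019-03-01T08:02:11|alice|LOGIN|-|10.1.4.22|US|-
2019-03-01T08:05:40|alice|FIELD_UPDATE|PY_DIRECT_DEPOSIT|10.1.4.22|US|ACCOUNT:111000222
2019-03-04T09:10:03|alice|LOGIN|-|10.1.4.22|US|-
2019-03-10T22:41:57|alice|LOGIN|-|198.51.100.7|NG|-
2019-03-10T22:43:12|alice|FIELD_UPDATE|PY_DIRECT_DEPOSIT|198.51.100.7|NG|ACCOUNT:999888777
2019-03-10T22:44:01|bob|LOGIN|-|198.51.100.7|NG|-
2019-03-10T22:45:30|bob|FIELD_UPDATE|PY_DIRECT_DEPOSIT|198.51.100.7|NG|ACCOUNT:999888777
2019-03-12T10:00:00|carol|LOGIN|-|10.1.9.3|US|-
2019-03-12T10:01:00|carol|FIELD_UPDATE|PY_DIRECT_DEPOSIT|10.1.9.3|US|ACCOUNT:555666777
2019-03-16T03:12:09|alice|LOGIN|-|198.51.100.7|NG|-
2019-03-16T03:13:00|alice|FIELD_UPDATE|PY_DIRECT_DEPOSIT|198.51.100.7|NG|ACCOUNT:111000222
"""

DD_COMPONENT = "PY_DIRECT_DEPOSIT"  # assumption: the direct deposit self-service page
REVERT_WINDOW = timedelta(days=14)  # roughly one pay cycle

def parse(log_text: str) -> list:
    """Parse the pipe-delimited log into dicts sorted by time."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, event, component, ip, country, detail = line.split("|")
        events.append({"ts": datetime.fromisoformat(ts), "user": user, "event": event,
                       "component": component, "ip": ip, "country": country, "detail": detail})
    return sorted(events, key=lambda e: e["ts"])

def is_bank_change(e: dict) -> bool:
    return e["event"] == "FIELD_UPDATE" and e["component"] == DD_COMPONENT

def account_of(e: dict) -> str:
    return e["detail"].split(":", 1)[1]

def detect_new_location_changes(events: list) -> list:
    """Bank-account change from a country the user never logged in from in an
    earlier session. The current session's own login is excluded from the baseline."""
    login_countries = defaultdict(list)
    findings = []
    for e in events:
        if e["event"] == "LOGIN":
            login_countries[e["user"]].append(e["country"])
        elif is_bank_change(e):
            baseline = set(login_countries[e["user"]][:-1])
            if baseline and e["country"] not in baseline:
                findings.append(("new_location", e["user"], e["ts"], e["country"]))
    return findings

def detect_reverts(events: list, window: timedelta = REVERT_WINDOW) -> list:
    """Account changed and then set back to the previous value within the window:
    the 'change it back after payday' pattern. Reports the interim account."""
    history = defaultdict(list)  # user -> [(ts, account)] in time order
    findings = []
    for e in filter(is_bank_change, events):
        acct, prev = account_of(e), history[e["user"]]
        if len(prev) >= 2 and acct == prev[-2][1] and e["ts"] - prev[-1][0] <= window:
            findings.append(("revert", e["user"], e["ts"], prev[-1][1]))
        prev.append((e["ts"], acct))
    return findings

def detect_shared_accounts(events: list) -> list:
    """Destination account set on more than one employee's record (mule reuse)."""
    owners = defaultdict(set)
    for e in filter(is_bank_change, events):
        owners[account_of(e)].add(e["user"])
    return [("shared_account", acct, sorted(users))
            for acct, users in sorted(owners.items()) if len(users) > 1]

def analyze(log_text: str) -> dict:
    events = parse(log_text)
    return {"new_location": detect_new_location_changes(events),
            "reverts": detect_reverts(events),
            "shared_accounts": detect_shared_accounts(events)}

if __name__ == "__main__":
    for rule, items in analyze(SAMPLE_LOG).items():
        for item in items:
            print(rule, item)
```

On the constructed log the first rule flags alice's change from NG, the second flags her account being set back to its original value six days later and names the interim account, and the third flags that account as shared between alice and bob. The revert rule is the one that catches the abstract's "no clue of what happened" scenario: once the change is undone, only the activity log shows that it ever took place, and a login/logout-only log would show nothing.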
References

[1] https://www.ic3.gov/media/2018/180918.aspx
[2] https://securityintelligence.com/how-to-build-a-corporate-culture-of-cyber-awareness/
[3] https://www.ictsecuritymagazine.com/wp-content/uploads/2017-Data-Breach-Investigations-Report.pdf
[4] https://www.proofpoint.com/sites/default/files/pfpt-us-tr-state-of-the-phish-2019.pdf
[5] Payroll diversion events:
    https://www.tallahassee.com/story/news/2019/04/05/almost-500-k-swiped-city-tallahassee-payroll-hack/3379242002/
    https://www.vadesecure.com/en/vade-secure-uncovers-ongoing-direct-deposit-spear-phishing-attacks/
    https://www.technology.pitt.edu/news-and-alerts/phishing-alert-pittsburgh-payroll-notification-scam-mimics-pitt-passport-login-page
    https://www.ajc.com/news/local-education/atlanta-schools-says-confidential-data-for-all-employees-potentially-exposed/gGg8UGVudZmQH6b9Ao9geI/
    https://kdvr.com/2017/04/05/phishing-scam-diverts-more-than-40k-from-denver-public-schools/

Appsian, 8111 Lyndon B Johnson Fwy., Dallas, TX 75251. +1 (469) 906-2100. info@appsian.com. © Appsian 2019