The American Postal Workers Union has disclosed that at least 460 of its members lost a million dollars in paychecks through a scam in which the scammers set up fake USPS HR websites that were used by the scammers to trick the postal workers who went to the phony websites to provide their usernames and passwords which the scammers then used to access the postal workers’ real accounts and have the paychecks sent to accounts controlled by the scammers.

Payroll diversion scams such as this are becoming a major problem, but can be avoided by taking a few precautions.


Whenever you are going to a website you should never go by clicking on a link in an email or text message.  Nor should you trust a search engine search to provide you with the real website.  Algorithms used by search engine such as Google can be manipulated by sophisticated scammers to have their phony websites appear at the top of a search.  Instead you should confirm the URL of the site you are looking for and enter it manually.

Additionally, because the risk of your user name and password being compromised is great, whenever possible you should use dual factor authentication so that even if someone manages to obtain your user name and password, they will not be able to access your account.

If you are not a subscriber to and would like to receive free daily emails with the Scam of the day, all you need to do is sign up for free using this link.