FREDERICKSBURG, LEBANON CO., Pa. (WHTM) — You get an email from your boss: Send this payment ASAP.

You’re a payroll clerk, and you get an email from an employee: They’ve changed banks; here are the new routing and account numbers for paycheck direct deposits.

“Stop,” said Jami Theiller, cash management sales manager with First Citizens Community Bank (FCCB). “Pick up the phone. Call the person who you think sent you that email.”

Get traffic alerts from the abc27 mobile app for the latest local delays and road closures

And don’t call a number listed in the email, Theiller said, because that could be part of the scam.

“Get the phone number from your files,” she said, or if the email is from a business, “even Google the name of the business and get it off of their website so that you make sure you’re calling the right place.”

FCCB is a 31-branch bank based in Mansfield, Pa., in Tioga County. Theiller spoke with abc27 at a branch in Fredericksburg, Lebanon County. She said banks across the U.S. have noticed more people falling victim to increasingly sophisticated “business email compromise scams,” or spoofing.

Spoofing isn’t new. But it’s one thing to get an email from a bank where you don’t have an account or a company you’ve never done business with. It’s another to get a credible-seeming email from your own bank — or boss or co-worker.

It starts with a hack into your email — but really, it starts before that.

“People who might use Facebook, who might search the web and who are clicking on the wrong links — that’s really what gives your computer a virus, is by clicking on things that you shouldn’t be,” Theiller said.

That opens the door to a hacker, who’s basically a researcher with bad intentions.

“The research that they do is, they can tell who your office manager is, who your accountant is, who your banker is,” Theiller said. Then “they create fraudulent email addresses that are made to look exactly like the email addresses that you typically send emails to.”

Get severe weather alerts with newsletters and push alerts from the abc27 Weather Team!

For example?

“They may take an ‘m’ and use an ‘r’ and an ‘n’ to replace the ‘m,'” Theiller said. “They may take two ‘v’s and replace them with a ‘w.’ They may take the number one and replace it with a capital ‘i.'”

In other words, imagine looking quickly at an otherwise-credible seeming email from an @arnazon.com (see how the “r” and “n” look like an “m”) or @vvalmart.com (the two “v”‘s look like a “w”) email address.

Those are dead giveaways. And no one should be asking for banking information via email anyway.

Call your bank the moment you suspect you might have fallen victim.

“We at that point will reach out to the network of banks that need to be involved in and the discussion about where the money went and how to get it back,” she said. “Banks have gotten really good about working together to try to recover the money as quickly as possible. The key, though, is the timing. You have to make sure you notify the bank immediately.”

Stay up to date with the latest news with the free abc27 News app for iPhone and Android

Even so, Theiller said, “it’s very hard to get those funds back,” hence the emphasis on prevention. She said FCCB and other banks have resources online and in person to help consumers and businesses protect themselves.