Dangers of Payroll Scams

Payroll Diversion and Direct Deposit Scams

Businesses are losing thousands of dollars to scams, often without realizing it.

Recently, payroll diversion scams have made a concerning comeback, posing significant threats to both companies and their staff. These scams typically involve fraudsters impersonating employees and reaching out to HR or another company member to request changes to direct deposit details. Continue reading to learn how to recognize these scams and prevent them from targeting you.





Understanding Payroll Diversion Scams

At its essence, payroll diversion fraud involves redirecting an employee’s salary, without authorization, to a bank account owned by cybercriminals. This scam usually employs phishing tactics, where leaders, HR staff, or trusted contacts receive emails pretending to be from employees or HR, demanding urgent changes to direct deposit information.


These emails are carefully designed, often mirroring the company’s branding and email format with striking accuracy, to trick employers into modifying employees’ direct deposit settings and sending paychecks to the fraudster’s accounts. Once the payroll funds land in the scammer’s account, recovering them is nearly impossible.


Identifying and Preventing Direct Deposit Scams

Signs of a payroll diversion attempt include unexpected emails asking for personal or financial details, urgency in the message, and communications that seem generic or improperly addressed. Being aware of these red flags can help you avoid disaster.


Common Warning Signs Include:

  • Signature Discrepancies: Exercise caution with direct deposit change forms accompanied by a signature. Even when electronic signatures are in use, these documents should be thoroughly checked until the request's authenticity is verified. Look for clear mistakes, such as misspellings or names in the wrong order, which could indicate deception.

  • Requirement of a Voided Check: Requesting a voided check or bank encoding form with any direct deposit modification is a good practice. Not having these documents should raise doubts about the request's legitimacy. These forms are crucial for verifying that the bank details provided are indeed those of the employee.

  • Email Domain Inconsistencies: Be vigilant about emails claiming to be from trusted sources, like your bank or well-known companies, but coming from inconsistent or suspicious domains, such as “gmail.com” or misspelled company names. This inconsistency strongly suggests a scam attempt. Some fraudsters might even CC a supervisor or the company’s CEO to add a layer of credibility.



  • Links and Attachments (Proceed with Caution): Handle unexpected links or attachments with suspicion. Instead of clicking on links directly, hover over them to preview the URL and check for discrepancies between it and the supposed sender’s web address. A mismatch or unfamiliar characters in the URL is a clear indicator of a scam.



The Role of Vigilance and Verification

Educating employees about phishing risks and the necessity of secure communication is vital. Organizations should enforce strict password policies and encourage using multifactor authentication (MFA) for added security.

Additionally, implementing a multi-step verification process for any direct deposit changes is crucial. This process could involve verbal confirmations, completing a Direct Deposit Authorization Form, and following the “four eyes principle,” requiring two individuals to approve significant transactions.

Requests for sensitive information or financial transactions should always be treated cautiously. Verbal confirmation from the requester, rather than relying solely on email, can greatly reduce the risk of scams.

Furthermore, organizations should watch for signs of fraudulent activity, such as mismatched names and emails, unwarranted urgency, and missing documentation like voided checks. Attention to detail and adherence to established payroll procedures are invaluable defenses against these sophisticated threats.
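The warning signs and verification steps above can be applied as a simple intake check on each direct deposit change request. The following is an added example, not code from Streamline IT; the company domain, the request fields, the webmail list and the 0.8 similarity threshold are all assumptions chosen for illustration.

```python
import re
from difflib import SequenceMatcher

COMPANY_DOMAIN = "example.com"  # assumption: placeholder for your own mail domain
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}
URGENCY = re.compile(r"\b(urgent|asap|immediately|right away)\b", re.I)

def sender_domain_flag(address):
    """Classify the sender domain against the company domain."""
    domain = address.rsplit("@", 1)[-1].lower()
    if domain == COMPANY_DOMAIN:
        return None
    if domain in FREE_MAIL:
        return "free webmail sender"
    # A near match (e.g. one swapped character) suggests a misspelled company name.
    if SequenceMatcher(None, domain, COMPANY_DOMAIN).ratio() >= 0.8:
        return "lookalike sender domain"
    return "external sender domain"

def review_request(req, hr_record):
    """Return the list of red flags for one direct deposit change request."""
    flags = []
    domain_flag = sender_domain_flag(req["from"])
    if domain_flag:
        flags.append(domain_flag)
    if req["from"].lower() != hr_record["email"].lower():
        flags.append("sender address differs from HR record")
    if URGENCY.search(req["body"]):
        flags.append("urgent wording")
    if not req.get("voided_check"):
        flags.append("no voided check or bank encoding form")
    if not req.get("verbal_confirmation"):
        flags.append("no verbal confirmation")
    if len(set(req.get("approvers", []))) < 2:  # four eyes principle
        flags.append("fewer than two approvers")
    return flags

def decide(req, hr_record):
    """Hold the change for manual follow-up if any red flag is present."""
    flags = review_request(req, hr_record)
    return ("hold" if flags else "apply"), flags

# Constructed sample data, not real requests.
HR = {"email": "jane.doe@example.com"}
SUSPECT = {"from": "jane.doe@examp1e.com", "approvers": ["hr1"],
           "body": "Urgent: switch my direct deposit before payday."}
LEGIT = {"from": "jane.doe@example.com", "approvers": ["hr1", "payroll2"],
         "body": "Authorization form and voided check attached.",
         "voided_check": True, "verbal_confirmation": True}

if __name__ == "__main__":
    for request in (SUSPECT, LEGIT):
        print(decide(request, HR))
```

A check like this only triages requests; the verbal confirmation and second approval it records still have to be carried out by people.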


Conclusion

As payroll diversion and direct deposit scams continue to evolve, the collective efforts of employers, employees, and cybersecurity experts like us at Streamline IT are essential to stop these cybercriminals. By fostering a culture of security awareness, enforcing strong verification processes, and staying alert for fraud signs, companies can safeguard their assets and workforce from the financial and emotional impact of these scams.

