Payroll diversion fraud is a type of financial fraud in which criminals impersonate an employee or business owner in order to divert payroll or payments to a bank account they control. This can be a costly and time-consuming problem for businesses, but it can be prevented by being aware of the red flags and implementing strong security measures.
What is payroll diversion fraud?
Payroll diversion fraud typically involves the following steps:
- The criminals research the target company and identify an employee with access to the payroll system.
- The criminals use phishing or other methods to gain access to the employee’s email account.
- The criminals impersonate the employee and send emails to the payroll department requesting changes to the payroll system.
- The changes are made, and the criminals’ bank account is used to receive the payroll or payments.
Watch For Red Flags
There are a number of red flags that can indicate that payroll diversion fraud is occurring. These include:
- Urgent requests for payroll changes, especially if they are made via email.
- Communication only via email.
- Changes to the payroll system that are not authorized by the employee.
- Payroll amounts that are not consistent with the employee’s salary or the company’s normal payroll practices.
- New contact information for the employee or business owner.
What can you do to help prevent fraud?
There are a number of things that businesses can do to help prevent payroll diversion fraud, including:
- Establish smart business practices. This includes having up-to-date best practices and procedures in place, such as requiring confirmation phone calls or other forms of verification for new customers or when new employees are added.
- Beware of email-only communications. Never make changes to the payroll system based on an email alone. Always confirm the request with the employee or business owner in person or by phone.
- Confirm contact information. When calling to verify information with an employee, use the contact information you have on file, not what was given in an email.
- Be cautious during the approval process. Do not approve new employees if you have questions about the information provided during the approval process.
- Educate your employees and your supervisors. Make sure your employees and supervisors know the red flags to watch for and communicate these with your clients.
- Pay attention. Be cautious with unknown emails, links, and pop-up boxes. These can all be ways to access your system.
- Verify all changes. When taking payroll requests or bank change information via email, always verify changes with a phone call or in-person meeting.
Talk with our fraud prevention experts
If you have any questions about payroll diversion fraud or how to prevent it, please contact the Applied Payroll Solutions Risk Department at (844) 589-5003. We’re happy to help!