The IRS and the Internet Crime Complaint Center are reporting recent dramatic upticks in payroll phishing scams. Employers and employees across all industries are being targeted. As a result, an employee’s direct deposit credentials can be compromised and their paycheck diverted to the thieves’ bank account. These recent email attacks are more sophisticated: they appear more legitimate and don’t contain the telltale spelling and syntax errors.
How it works
An email that appears to be from an employee is sent to the person responsible for processing payroll, requesting changes to their direct deposit and providing a new routing and account number.
Another version is an email, made to look as if it is from an executive at the company, requesting that an urgent wire transfer be made to a specific account.
In both cases, the accounts are controlled by thieves.
What employers can do
If an email looks suspicious, double-check the email address that the message was sent from. Although these scams are getting more sophisticated with spelling and syntax, many still come from obviously fraudulent email addresses. Train staff to know that executives will not email them to request wire transfers. Also have a proper process in place for requesting changes to direct deposit, such as a form submitted to payroll. Communicate to employees that they should never click on suspicious links; they can hover the cursor over a link to see whether it would direct them to a fraudulent page. Payroll scam emails can also be forwarded to the Internet Crime Complaint Center (IC3) at www.ic3.gov for investigation and follow-up.
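The sender-address and request checks described above can also be applied automatically to a payroll mailbox. The following is an added example, not part of the original article; the company domain, staff names and sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"              # assumption: the organization's mail domain
STAFF_NAMES = {"dana smith", "lee wong"}    # assumption: names from the staff directory
REQUEST_TERMS = ("direct deposit", "routing", "wire transfer")

def review_message(raw):
    """Return the reasons a message should be verified through the payroll form process."""
    msg = message_from_string(raw)
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    reasons = []
    if domain != COMPANY_DOMAIN:
        reasons.append(f"sender domain {domain!r} is not {COMPANY_DOMAIN!r}")
        # A familiar name in front of an outside address is the impersonation case.
        if display_name.strip().lower() in STAFF_NAMES:
            reasons.append("display name matches a staff member but the address is external")
    body = "" if msg.is_multipart() else msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()
    hits = [term for term in REQUEST_TERMS if term in text]
    if hits:
        # Flagged whatever the sender: even an internal address goes through the form.
        reasons.append("asks for a payment change: " + ", ".join(hits))
    return reasons

# Constructed sample messages (not real mail).
SAMPLE_SPOOFED = """\
From: Dana Smith <dana.smith@examp1e-mail.test>
To: payroll@example.com
Subject: Update my direct deposit

Please change my direct deposit before Friday. New routing and account number below.
"""

SAMPLE_INTERNAL = """\
From: Lee Wong <lee.wong@example.com>
To: payroll@example.com
Subject: Timesheet question

Can you confirm my hours for last week?
"""

if __name__ == "__main__":
    for name, raw in (("spoofed", SAMPLE_SPOOFED), ("internal", SAMPLE_INTERNAL)):
        print(name, review_message(raw))
```

A message that is flagged only for the payment-change request still warrants confirmation with the employee through the established form process, since a compromised internal account would pass the address check.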