Email fraud targeting employers has become increasingly common. One of the most frequent schemes involves fraudulent requests to change an employee’s direct deposit information.
Consider a situation where an employer receives what appears to be an email from an employee requesting an update to their direct deposit account. The message may look legitimate and even include the employee’s name or signature. The employer then forwards the new account information to the payroll processor to make the change before the next payroll run.
In reality, the email may not have come from the employee at all. Scammers often impersonate employees in an attempt to redirect payroll funds into fraudulent bank accounts.
Understanding how these schemes work can help employers prevent payroll errors and protect sensitive employee information.
How Payroll Email Fraud Typically Works
In many payroll fraud schemes, scammers send emails that appear to come from an employee or company executive. These messages often request payroll-related changes and may look convincing at first glance.
Common requests include:
- Changing direct deposit bank account information
- Updating tax withholding forms
- Requesting copies of W-2s or employee records
- Asking payroll to rerun or reissue a payment
Warning Signs of a Fraudulent Payroll Email
Payroll administrators should be cautious when receiving requests involving payroll changes or employee data. Some common warning signs include:
Unusual sender email addresses
The sender’s display name may look correct, but the actual email address may be slightly different or contain extra characters.
Urgent or rushed requests
Fraudulent emails often try to create urgency, so the request is processed quickly.
Requests sent from personal email accounts
If an employee sends payroll change requests from Gmail, Yahoo, or another personal email address, it is best to verify the request before making any updates. Call or speak with the employee in person.
Unusual timing
Requests sent late at night, over the weekend, or during holidays can sometimes signal suspicious activity.
Unexpected banking changes
If an employee suddenly requests a change to a new bank account without explanation, it may be worth confirming directly.
Best Practices to Protect Payroll Information
Employers can reduce the risk of payroll-related fraud by implementing a few simple safeguards.
Verify direct deposit changes
Confirm any requests to update bank information directly with the employee using a known phone number or in-person conversation.
Require payroll authorization forms
Consider requiring employees to complete a signed direct deposit authorization form rather than accepting changes solely through email.
Train payroll and HR staff
Employees responsible for payroll should be familiar with common fraud tactics and verification procedures.
Limit who can approve payroll changes
Establish internal controls so that sensitive payroll updates are reviewed or approved before being processed.
When in Doubt, Verify First
If you receive a request that seems unusual or unexpected, it is always best to pause and verify the request before making any payroll changes. A quick phone call to the employee can prevent significant payroll issues.
Protecting payroll information is a shared responsibility between employers and payroll providers. If you ever receive a payroll-related request that seems unusual or unclear, the FocusPay Solutions team is happy to help verify the request before changes are made.
For more information on the above article or any human resource management services, contact Katelyn Parks at (334) 321-4729 or by leaving us a message below.
