Security Alert: New Direct Deposit Fraud On The Rise

Email phishing attempts are not new. Fraudsters are only getting more creative and convincing. Abacus Payroll, Inc. urges clients and small businesses to be extra diligent in reviewing employee bank change requests because identity spoofing and direct deposit diversion attempts are becoming all too common.
What is direct deposit diversion?
Fraudsters impersonate an employee by creating an email address that might vary by only one character or come from a generic email service, such as Gmail or Yahoo. Their goal is to convince the HR contact and payroll administrator to change the bank account information on an employee’s direct deposit. Often, the issue will go undetected until it is too late and is usually untraceable.
How can I be proactive against direct deposit diversion?
- Triple-check every character in the sender’s email address.
- Be extra cautious if there is a sense of urgency in the message or subject.
- If possible, do not allow direct deposit requests from personal email addresses. Only accept from those using your company domain.
- Consider having an internal form for bank changes and only accept requests that have this form completed. Abacus Payroll has a form that can be provided to employers.
- Analyze the tone or writing style of the message. Is it different from how the employee normally writes or signs off in their emails? Are they going by their formal name instead of a shortened name? Is their title or email signature correct? If you have a large number of employees, this may not be easy to detect if you do not communicate often with your employees.
- Another warning sign is if the request is to switch from a direct deposit to a debit card account.
- If an email is suspicious, hover over any hyperlinks to reveal the actual website URL — do not click or open any attachments.
What if I suspect payroll fraud?
If an email raises a red flag, follow up with a phone call to the employee for confirmation or compose a new email to the exact email address you have on file. Do not reply to the email in question.
Please contact your payroll specialist with questions or concerns. We take your data privacy and information security very seriously and we thank you for your cooperation.