Payroll Diversion Scam
2/8/2025
Scam of the Week: Payroll Diversion Scam
Cybercriminals are targeting small business payroll departments by attempting to reroute employee paychecks to fraudulent accounts.
How the Scam Works
An HR or payroll employee receives an email appearing to be from a staff member requesting a change to their direct deposit details. The request looks legitimate, often including the employee’s real name and email signature. If the request is processed without verification, the scammer successfully diverts the victim’s paycheck. Some attackers go as far as hacking into an employee’s actual email account to make the request seem more credible.
How to Protect Your Business
Require employees to update banking details in person or through a secure internal portal with multi-factor authentication.
Verify direct deposit changes by calling the employee using a known phone number. Never process a request based on an email alone.
Educate payroll and HR staff on phishing red flags and social engineering tactics. Provide real-world examples of common scams to help them recognize suspicious activity.
Regularly review and update payroll security policies to ensure they align with best practices for fraud prevention.
Encourage employees to report any unusual activity related to their paychecks immediately to prevent further damage.