Be Cautious of Payroll Requests via Email
If you receive payroll requests via email, take more time to review before accepting and processing them.
Payroll fraud is increasing and shows no signs of slowing down in 2018. Kotapay and our processing banks are seeing an uptick in fraudsters taking over customer email accounts by using spearfishing attempts. They gain control of your client's email and then use that email account to request fraudulent payrolls. Your client won't know this is happening until after money has been taken out of their account.
If you are receiving requests from your clients via email regarding their payroll, please take a moment to STOP and think if the request is unusual. Does it contain higher than normal dollar amounts or different pay dates than typical?
Steps you can take to protect yourself and your clients:
- Take a moment to verify the information with a phone call, fax, or text. (out-of-band authentication)
- Be cautious when responding to emails - you don't know who could be on the other side.
- Have strong internal controls in place and be sure all employees know and follow the policies.
Employers and payroll processors are losing tens of thousands of dollars by not taking the above steps. Don't let your client or yourself be the next victim. Please view the resources below or give us a call to discuss improving your procedures to better protect yourself and your clients.
- Tips to Prevent Fraud
- Take advantage of some of the FREE tools available at KnowBe4 and teach employees how to spot fraud.
- Learn more about Data Security from the Federal Trade Commission.
Contact the Kotapay Risk Department
phone: (800) 378-3328