Common Payroll Scams and How to Identify Them

Imagine you’re a business owner, proud of the hard work and dedication you’ve put into your company. You open up your computer to find a payroll error message: “Not enough funds.” That can’t be right. Only it is; you discover you’ve been hacked. 

Payroll scams cost companies billions of dollars annually, and unfortunately, these scammers aren’t slowing down. In fact, they’re getting more creative, which is why it’s critical to understand common scams and how to identify them. 

What are Payroll Scams?

Payroll scams are fraudulent schemes that exploit weaknesses in payroll processes to divert or steal funds. Scams are usually carried out by external people who gain access to sensitive payroll information. 

The rise of digital payroll systems has increased the complexity and frequency of payroll scams, making it essential for businesses to understand and identify these threats.

Types of Payroll Scams

Payroll scams come in various forms, each leveraging different tactics to exploit vulnerabilities in payroll systems. These scams can lead to significant financial losses, damaged reputations, and legal consequences. Understanding payroll scams and how they operate is the first step in safeguarding your organization against them.

Below are some of the most prevalent types.

Hacking Employee Email Accounts

Email hacking is a tactic where cybercriminals gain unauthorized access to employee email accounts to carry out payroll fraud. Once they have access, they can manipulate payroll information, such as changing direct deposit details, or use email to impersonate the employee in further scams.

According to the FBI’s 2023 Internet Crime Report, business email compromise (BEC) scams result in over $2.9 billion in losses. The report warns readers of these common BEC themes:

• Requesting W-2 information 
• Giving large amounts of gift cards
• Offering cryptocurrency exchanges
• Prompting direct payment from payroll platform instead of employer

Lookalike Domains

Lookalike domains are fraudulent websites or email domains that closely resemble legitimate ones, often with slight variations in spelling. Scammers use these domains to trick payroll departments into believing they are interacting with a legitimate entity, such as a trusted vendor or employee, when, in fact, they are being duped.

This type of scam continues to evolve with technology; one report noted a 143% increase in ransomware attacks from 2022 to 2023. Even more alarming, the same research found that victims of ransomware attacks are almost six times more likely to experience a subsequent attack within three months. 

Spoof Calling

Spoofing, or impostor scams, involves criminals impersonating legitimate businesses, employees, or government agencies over the phone using technology that masks their actual phone numbers. These calls often pressure departments to change payroll or direct deposit information immediately.

Imposter scams account for 15.8% of all fraud reports, resulting in $2.7 billion in losses in 2023. 

Phishing

Phishing is a cyberattack where fraudsters send emails that appear to be from a trusted source, such as a bank or an executive within the company, to trick recipients into providing sensitive information, such as login credentials or payroll data. Once the scammers have this information, they can access payroll systems and divert funds.

According to Proofpoint, 84% of organizations experienced at least one successful phishing attack in 2022, with the average cost per attack reaching $14.8 million when payroll fraud was involved. 

Payroll Diversion

Payroll diversion is an increasingly sophisticated payroll scam where cybercriminals manipulate payroll systems to redirect employee wages into fraudulent accounts. It’s important to note that this scam often starts with phishing attacks. 

Once the payroll department makes the change, the employee’s paycheck is diverted to the scammer’s account, often without the employee or employer noticing until it’s too late. 

How to Prevent Payroll Scams

Preventing payroll scams requires a proactive approach that combines technology, employee training, and stringent procedures. Organizations can significantly reduce their vulnerability to payroll fraud by implementing the following strategies.

1. Use a Safe and Secure Payroll Provider

Payroll involves handling sensitive information – such as Social Security numbers, bank account details, and tax records – making it a prime target for cyberattacks and fraud. Your payroll provider should offer robust security measures to safeguard this information and comply with industry standards and regulations. By selecting a reliable provider, you reduce the risk of data breaches and ensure that your payroll operations are efficient and protected against potential threats.

Why It Works: Modern payroll systems flag anomalies, such as unexpected changes in direct deposit information or unusual payroll amounts, so organizations can further investigate. 

PrimePay’s automated payroll processing ensures your payroll is accurate and secure.

2. Implement Multi-Factor Authentication

Multi-factor authentication (MFA) adds an extra layer of security by requiring employees to verify their identity using two or more methods before accessing payroll systems. These methods can include something they know (e.g., a password), something they have (e.g., a mobile device), or something they are (biometric verification).

Why It Works: MFA makes it much harder for cybercriminals to gain unauthorized access to payroll systems, even if they have stolen login credentials. According to Microsoft, MFA can block over 99.9% of automated cyberattacks, including those targeting payroll systems.

3. Educate Employees on Phishing and Social Engineering

It is crucial to regularly train on recognizing and responding to phishing emails, spoofed calls, and other social engineering tactics. According to a Verizon report, 85% of data breaches involved a human element.

Employees should be aware of the latest scams and know how to report suspicious activities.

Why It Works: Educated employees are the first defense against payroll scams. They can help prevent fraudulent activities by identifying and reporting potential threats before they cause damage.

4. Establish Strict Verification Procedures

Implementing strict procedures for verifying payroll changes, such as direct deposit information, is essential. This can include requiring in-person verification or a secondary confirmation step, such as a phone call to the employee.

Why It Works: Verification procedures ensure that any changes to payroll information are legitimate and prevent unauthorized alterations. In fact, an Association of Certified Fraud Examiners (ACFE) report found that organizations with strong internal controls detected and mitigated fraud 50% faster than those without such measures.

5. Regularly Audit Payroll Systems

Regular audits of payroll systems can help identify anomalies or discrepancies that may indicate fraudulent activity. Audits should include reviewing employee records, direct deposit details, and payroll tax filings.

Why It Works: Regular audits provide an opportunity to catch payroll scams early, minimizing the financial impact and allowing corrective actions.

Protect Your Payroll

Although payroll scams are a significant threat, they can be prevented with the right combination of technology, employee education, and rigorous procedures. 

By implementing multi-factor authentication, educating employees, establishing verification processes, conducting regular audits, and utilizing fraud detection software, businesses can protect themselves from payroll fraud’s costly and damaging effects.