Cyber criminals are no longer just targeting large or industry leading organizations for credit card information. Hackers are now out to reroute direct deposit of your paycheck into offshore accounts they control. According to recent FBI alerts, cyber criminals have been targeting all types of businesses, regardless of size. 

Due to heightened awareness of these crimes, business owners are investing heavily in cybersecurity to protect their business and clients.  The result, however, increases the risk for personal computer hacks.

Where it begins.

Many times, these begin with phishing emails that aim to gain access to personal computers and personal emails.  Once a personal email has been compromised, hackers are able to study the individual’s conversations and mimic traits such as tone, grammar, etc.

They will also review email correspondence to determine where they work and how to communicate changes to personal information. After they’ve acquired the necessary information, the hackers pose as the employee and send a communication requesting a bank change to an offshore account.

In many cases, these scams go undetected until an employee starts to complain that they didn’t get paid. By this time, the employer is affected as the money paid out is unrecoverable.

Know the IRS.

IRS phishing scams are causing heightened alert. Many individuals are receiving fake emails, text messages or robocalls from what appears to be the IRS requiring personal information.

To protect your business and employees, consider the following when receiving questionable messages from the IRS:

  • The IRS does NOT initiate contact with taxpayers by email, text or other social media channels to request personal or financial information. 
  • If you are a victim of fraudulent IRS emails scam (ex.  you responded by sending information or a Form W-2), email and also send the full email headers to
  • If you receive an IRS impersonation telephone call as well as other types of unwanted calls (ex. robocalls, fake insurance calls, credit card calls, etc.) you should immediately block these phone numbers which can be done easily from your smartphone. 

Take the precautions.

As a business owner, you must be vigilant with any and all bank account changes received from employees by email.  Because the email address is legitimate and recognizable, requests often go unquestioned. These emails generally impersonate company employees and are sent to payroll/HR.

Preventative measures to consider for PrimePay clients.

  • Employee bank changes should be requested in writing.  You may want to adopt a Bank Change Request Form that may be accessible to your employee through your intranet or requested from your HR department. 
  • If a verification process has not been established, one should be developed to confirm authenticity of a request (ex. verbal verification with employee).
  • If processing payroll online, please be sure to check any bank changes for accuracy.  Once a change is submitted, lookout for an SMS text message to confirm authenticity of change.
  • If processing payroll with a dedicated Client Success Representative, we encourage you to submit an Employee Direct Deposit Authorization Form.

The more you educate yourself and your employees, the better prepared your business will be to stay vigilant in your cybersecurity efforts.