US experts have warned of a new type of payroll scam that sees fraudsters diverting direct deposit payments from employee to criminal accounts.
According to an article written by US law firm Ogletree Deakins, the phishing scam involves fraudsters sending an email from an address similar to that of a legitimate company account.
The email asks the employee to fill in a short survey and hit ‘confirm’. They are also subsequently requested to fill in their credentials in an online form supposedly in order to confirm their identity.
The details are then used to gain access to payroll systems and redirect funds from into fraudulent accounts, according to Pymnts.com.
The Ogletree Deakins article says the emails “look real”. It goes on to add: “In many circumstances, they are effectively spoofing the sender’s account, and employers are learning of the scam when employees begin reporting that they did not receive their direct deposits. By then, the damage has been done.”
The con leads not only to lost funds but also to a data breach that potentially leaves corporate systems and data exposed, Ogletree Deakins warned.
Payroll is a common target for both external and internal fraudsters and cybercriminals. Well-documented scams include employees setting up fake payroll accounts for a staff member who does not exist, or rerouting payroll deposits into other accounts.
Gill Oliver is a business and property journalist who has written for The Daily Mail/Mail Online's This is Money, The Press Association and many national and regional newspapers and magazines.
US experts have warned of a new type of payroll scam that sees fraudsters diverting direct deposit payments from employee to criminal accounts.
According to an article written by US law firm Ogletree Deakins, the phishing scam involves fraudsters sending an email from an address similar to that of a legitimate company account.
The email asks the employee to fill in a short survey and hit ‘confirm’. They are also subsequently requested to fill in their credentials in an online form supposedly in order to confirm their identity.
The details are then used to gain access to payroll systems and redirect funds from into fraudulent accounts, according to Pymnts.com.
The Ogletree Deakins article says the emails “look real”. It goes on to add: “In many circumstances, they are effectively spoofing the sender’s account, and employers are learning of the scam when employees begin reporting that they did not receive their direct deposits. By then, the damage has been done.”
The con leads not only to lost funds but also to a data breach that potentially leaves corporate systems and data exposed, Ogletree Deakins warned.
Payroll is a common target for both external and internal fraudsters and cybercriminals. Well-documented scams include employees setting up fake payroll accounts for a staff member who does not exist, or rerouting payroll deposits into other accounts.
Gill Oliver is a business and property journalist who has written for The Daily Mail/Mail Online's This is Money, The Press Association and many national and regional newspapers and magazines.