MINNEAPOLIS — Paychecks are important.
It's how we pay the bills, right?
Well, imagine someone stealing it.
It's called Payroll Diversion.
Here’s how it works.
When you sign up for direct deposit with your employer, you have to give them your bank account information.
The company will use that information to send your paycheck electronically to your bank account every payday.
Payroll Diversion happens when someone, without your consent, intercepts that payment and funnels it into a separate bank account, essentially stealing your paycheck.
The most common way this happens is scammers will email an employee’s Human Resources department to change that employee’s direct deposit information.
If the HR department falls for it, the employee’s paycheck will be sent to another bank account on payday and the scammer can easily steal the money, close the account and get away with it.
“Post-COVID it's a giant concern,” cybersecurity expert Bryce Austin says.
Austin owns a cybersecurity company called TCE Strategy. He says Payroll Diversion scams are not new; they’ve been around for several years, but they’re even more concerning now during the pandemic.
“We’re working away from the office and so more of our business is conducted over email,” Austin says.
“You’re less likely to know who your HR rep is and you’re less likely to have a working relationship with them where they know you and can tell if someone isn’t you.”
Austin says he just worked a Payroll Diversion case in early October.
“This was with one of my clients over in the U.K.,” Austin explains. “A fake email came through and the payroll person never picked up the phone to call the employee and it wasn’t until the employee called up days later saying, ‘where’s my paycheck’ that they realized what had happened and in that case the company was out $6,000.”
Here's how the scammers do it.
The scammer scours the internet, looking for employees to steal from.
They find out where they work, who their HR rep is, and what the company’s email addresses look like.
Austin says scammers can get this information one of two ways: they might hack the company’s system or an employee’s email account or, what’s even more likely, simply find all of this information online or on social media.
“They can easily look online and find out where a lot of people work, because we share that information willingly. They can also do a quick search and find who the HR rep is, because again, a lot of people share this information online about where they work and what their title is,” Austin explains.
Before the pandemic, the FBI saw an 815% increase in payroll scams between 2018 and 2019.
And experts say it's only gone up from there, with scammers seeing more opportunities to steal people's paychecks while they're working from home.
“If you are a payroll person, make sure your company has a policy of we don't accept emails to change where your paycheck goes, we simply don't do that. You have to either be on a phone call, you have to be in person, one of those two things,” Austin says.
For employees, Austin recommends setting up a separate password for your work email, so scammers won’t be able to hack it as easily. He recommends a good strong password that is difficult to hack.
He also recommends talking to your company about setting up multifactor authentication on your email.
This will add an extra layer of protection.
“Putting up that we were on vacation, or using a password of I love my son, or my dog is great, or any of these easy to guess passwords, this is a really good way to let yourself fall into these really difficult situations,” Austin says.
Cybersecurity experts say scammers will often target big companies with hundreds or thousands of employees who likely have never met their HR manager in person.
But they do sometimes target smaller companies, so it can happen to anyone.