The Newest Payroll Scams That Could Cost Your Organization

Hackers are always looking for creative ways to find new victims to attack.

In human resources, there have been many attempts hacking an employee’s paycheck by infiltrating an organization’s payroll process. With the prevalence of email communications and online payroll submission, cyber hackers are finding ways to use phishing to attack businesses and their employees. Protect your organization by understanding how hackers access private information and knowing how to prevent hackers from invading your organization. Here is what you should know about payroll scams:

What is phishing?

Phishing occurs when a hacker sends an email that appears to be from a reputable email address. The hacker asks for personal information or requests personal information or access to funds. Payroll professionals have experienced an increase in the number of phishing attempts specifically related to the payroll process.

How does it work?

A hacker will identify who in the organization would typically have the power to request the task or personal information. For example, they may identify the President, CFO, or HR Manager within an organization. Then, they will use that person’s email address to request information from someone else in the company. When the person replies to the message, the reply diverts to the hacker. Or the hacker may ask the recipient to perform a task, such as change a direct deposit account, which would then give them access to the paycheck diverted to the new account.

How can this type of phishing affect my organization and employees?

Generally, the idea is for the hacker to access personal information or divert funds to the hacker. Some of the most common ways they attempt this via the payroll process are as follows:

  • The hacker attempts to divert payroll funds to their bank accounts by requesting a change in direct deposit account on behalf of an unsuspecting employee.
  • Hackers ask for a bonus check in addition to the standard payroll amount while requesting a direct deposit change for even more funds.
  • The hacker attempts to gain personal information that would aid in identity theft. For example, they may demand a list of employees with information such as bank account numbers, social security numbers, home address, birthdates, etc.


What best practices can my organization adopt to protect itself against payroll hacking/phishing?

  1. Be wary of any links emailed to you, even if they appear to be coming from someone you’ve emailed before. If you are unsure, ask your IT department to research the legitimacy of the link.
  2. Where applicable, ask employees to change any personal information directly into their Self Service Center or electronic portal. It’s easy and secure, and a hacker who just fakes the email address won’t have access to it.
  3. Never share your password information with anyone.
  4. Always question any unusual or urgent requests by calling the requestors last known phone number or discussing the change face-to-face.
  5. Request change information from employees in writing, especially a change in direct deposit. Requesting a copy of a voided check for validation of an account change is a great way to protect accounts.
  6. Never provide your personal information to anyone via phone or email.
  7. Always lock your computer screen when walking away from your desk.
  8. Share this information with your leaders and managers so they are aware of the scams and can exercise precautions with personal and payroll information.
  9. Don’t email information containing social security numbers, direct deposits, or employee information. If you have a need to send such information electronically, talk to your business partners about using an encrypted email service.


If your organization needs assistance in creating a safe payroll process, contact Tandem HR today. Our custom payroll, benefits, and HR solutions enable your busy executives to spend their valuable time on your business.


We’re not the only ones excited about our customizable, high-touch approach to human resources. Check out this powerful testimonial about the impact of our solutions.