What are payroll diversion scams and how do you avoid them?
By Dave Anderson-Church Accounts MGR. YCA
Imagine checking for your payroll deposit only to discover that your pay was sent to a criminal in a foreign country. Payroll diversion scams are on the increase. Churches need to take steps to protect their employees.
Payroll diversion scams are a type of fraud where scammers target an organization's payroll system to redirect funds into their own accounts. Here's how they typically work:
Phishing: Scammers often use phishing emails or other methods to obtain login credentials of employees with access to the organization's payroll system.
Unauthorized Access: Once they have the login credentials, scammers gain unauthorized access to the payroll system and make changes to direct deposits.
Redirecting Funds: Scammers change the bank account information associated with certain employees' direct deposit payments. Instead of the legitimate accounts, the funds are redirected to accounts controlled by the scammers.
AI/Email Requests: Scammers can also attempt to convince payroll staff to make changes using AI voice technology to pretend to be an employee or by sending emails that look like legitimate requests.
To prevent payroll diversion scams, churches can take several precautions:
Employee Training: Educate employees about the dangers of phishing emails and the importance of safeguarding their login credentials. Regular training sessions can help employees recognize potential scams. Establish a policy of never sharing payroll/banking information via email.
Strong Authentication: Implement multi-factor authentication (MFA) for accessing sensitive systems like the payroll platform. This adds an extra layer of security, even if login credentials are compromised.
Regular Audits: Conduct regular audits of payroll records to detect any unauthorized changes or suspicious activity. Promptly investigate any discrepancies.
Employee Verification: Implement a process for verifying the identity of employees requesting changes to payroll information, especially changes involving banking details. You might require such requests to be done in person or with a paper form.
Keep Software Updated: Ensure that payroll software and systems are kept up-to-date with the latest security patches to mitigate vulnerabilities.
Insurance: Consider obtaining cyber insurance coverage that includes protection against financial losses resulting from payroll diversion scams.
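As an illustration of the Regular Audits and Employee Verification steps above, here is an added example (not from the original article or any payroll product) that compares two direct-deposit exports and flags bank details that changed without a verified request on file. The CSV layout, column names and sample rows are constructed assumptions; a real payroll export will differ.

```python
import csv
import io

# Constructed sample data: two direct-deposit exports and a log of change
# requests that payroll staff verified in person or on a paper form.
PREVIOUS = """employee_id,name,routing,account
101,A. Rivera,111000025,000123456
102,B. Chen,111000025,000987654
103,C. Okafor,222000111,000555111
"""
CURRENT = """employee_id,name,routing,account
101,A. Rivera,111000025,000123456
102,B. Chen,333000999,000444222
103,C. Okafor,444000777,000888333
104,D. Silva,111000025,000222333
"""
VERIFIED = """employee_id,routing,account,verified_by
103,444000777,000888333,office-admin
"""

def load(text, key_fields):
    """Index CSV rows by employee_id, keeping only the listed fields."""
    return {r["employee_id"]: tuple(r[f] for f in key_fields)
            for r in csv.DictReader(io.StringIO(text))}

def audit(previous, current, verified):
    """Return (employee_id, reason) for deposits that need follow-up."""
    bank = ("routing", "account")
    old, new, ok = load(previous, bank), load(current, bank), load(verified, bank)
    findings = []
    for emp, details in sorted(new.items()):
        if emp not in old:
            reason = "new employee record"
        elif details != old[emp]:
            reason = "bank details changed"
        else:
            continue
        # A change is accepted only if a verified request names the same account.
        if ok.get(emp) != details:
            findings.append((emp, reason + " without a verified request"))
    return findings

if __name__ == "__main__":
    for emp, reason in audit(PREVIOUS, CURRENT, VERIFIED):
        print(f"employee {emp}: {reason}")
```

Running this before each pay run gives the person approving payroll a short list of deposits to confirm directly with the employee.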
By implementing these measures, churches can significantly reduce the risk of falling victim to payroll diversion scams and protect their financial assets and employees' personal information.
Don’t let the bad guys beat you!