Payroll Phishing Scam

Your payroll could be the target of the next Payroll Phishing Scam

Phishing scams are on the increase, and could cost your business tens of thousands if you fall victim to one.

The scams usually come in the form of emails, and are specifically targeted at the payroll department or the person responsible for paying employeesโ€™ salaries.

According to CRS Technologies General Manager Ian McAlister, organisations that have adopted a remote or hybrid working model are particularly vulnerable to these scams, as home internet connections are less secure than those at the companyโ€™s physical location.

Furthermore, the scammers have no particular preference over who they target โ€“ all organisations are at risk of attack, regardless of the industry in which they operate or the size and type of the business.

โ€œThere are two versions of the scam,โ€ McAlister explains. โ€œIn the first scenario, the scammer impersonates an employee and asks that their banking information be updated with new details provided. They usually also request that a payslip to be sent to them as well, but this is merely another ploy to obtain the employeeโ€™s personal information so that they can steal their identity.

โ€œThe second scenario involves the scammer posing as a senior company executive and demanding that an EFT be made to a specific account.โ€

The scammers cleverly mimic the impersonated senderโ€™s style of writing so at first glance the email appears to be authentic.

โ€œItโ€™s only when you take a closer look that the tell-tale signs of a scam start to become apparent,โ€ says McAlister. โ€œThese are very subtle and can be easily missed if the recipient is not vigilant.โ€

Look out for one or more of the following:

  • The font used is not the same as that typically used by the company.
  • The email includes spelling mistakes and grammatical errors.
  • The โ€˜employeeโ€™ no longer works at the company or their job title is incorrect.
  • The senderโ€™s email address is either a Gmail account or is slightly different from the companyโ€™s email domain. For example, the letters may be rearranged, an underscore character is used instead of a hyphen, or one of the letters has been replaced with another. There may also be a mismatch between the โ€˜employeeโ€™ and the email address.
  • There is an implied sense of urgency in the email.

SARS scam

McAlister cites yet another scam that employers need to be aware of. This involves an email or SMS purportedly sent from the South African Revenue Service (SARS) in which the recipient is informed that they are eligible for a tax refund. The message usually includes a link to a fake SARS website and is intended to fool taxpayers into providing their banking details.

Anyone who receives a questionable email or SMS should immediately report it to their IT department, McAlister advises. โ€œIf youโ€™re uncertain about whether itโ€™s a scam, always assume that it is.โ€

He strongly recommends that companies take the time to educate their staff โ€“ and especially their payroll teams โ€“ on how to spot phishing scams. Additionally, any requests for electronic payments to be made, or that banking details be changed should be verified before being processed. This should be done verbally or via a communication medium other than email, such as Whatsapp or SMS.

For their part, IT teams need to ensure that their systems are up to date with the latest security software and patches and that all sensitive company information is encrypted.

โ€œBeing proactive and alert, educating your employees and following a few basic rules will protect your business from financial losses that could have been avoided,โ€ McAlister concludes.

For more information, contact us

Share the Post:
Scroll to Top

Book your CRS solutions demo or consultation


By submitting this form, you agree to our terms and conditions

Software products

Simplify payroll and HR management with our comprehensive solution suite.

HR software

Reshape the employer-employee dynamic.

Payroll software

Enhance accuracy and efficiency.

Performance management software

Nurture employee development.

Integration & Security

Connect with leading ERP platforms.

Global footprint

Weโ€™re active in 35 countries.

Our services

Grow your business while we take care of your human capital.

HR outsourcing

Transform HR into a strategic asset.

Payroll outsourcing

Simplify your payroll operations.

EOR & PEO

Expand your global reach.

Support channels

We keep your payroll and HR infrastructure running smoothly.

Service Desk & FAQ

Round-the-clock expert support paired with essential payroll and HR information.

HIPE4 Agreement

Global payroll and HR excellence defined.

Download Resources

Leverage expert insights that steer your strategic decision-making.

Downloads

Essential resources to improve your business practices.

News & Insights

Comprehensive coverage of key payroll and HR issues.

Company overview

CRS has been pioneering payroll and HR solutions for global organisations for over 40 years.

About us

Our custom payroll and HR solutions benefit employers and employees in more than 35 countries.

Work with us

Experience an environment where creativity, collaboration and empowerment thrive.