Your payroll could be the target of the next phishing scam

The scams usually come in the form of e-mails and are specifically targeted at the payroll department or the person responsible for paying employees’ salaries.

According to CRS Technologies General Manager, Ian McAlister, organisations that have adopted a remote or hybrid working model are particularly vulnerable to these scams, as home internet connections are less secure than those at the company’s physical location.

Furthermore, the scammers have no particular preference over who they target – all organisations are at risk of attack, regardless of the industry in which they operate or the size and type of the business.

“There are two versions of the scam,” McAlister explains. “In the first scenario, the scammer impersonates an employee and asks that their banking information be updated with new details provided. They usually also request that a payslip to be sent to them as well, but this is merely another ploy to obtain the employee’s personal information so that they can steal their identity.

“The second scenario involves the scammer posing as a senior company executive and demanding that an EFT be made to a specific account.”

The scammers cleverly mimic the impersonated sender’s style of writing so at first glance the e-mail appears to be authentic.

“It’s only when you take a closer look that the tell-tale signs of a scam start to become apparent,” says McAlister. “These are very subtle and can be easily missed if the recipient is not vigilant.”

Look out for one or more of the following:

• The font used is not the same as that typically used by the company.
• The e-mail includes spelling mistakes and grammatical errors.
• The ‘employee’ no longer works at the company or their job title is incorrect.
• The sender’s e-mail address is either a Gmail account or is slightly different from the company’s e-mail domain. For example, the letters may be rearranged, an underscore character is used instead of a hyphen, or one of the letters has been replaced with another. There may also be a mismatch between the ‘employee’ and the e-mail address.
• There is an implied sense of urgency in the e-mail.

McAlister cites yet another scam that employers need to be aware of. This involves an e-mail or SMS purportedly sent from the South African Revenue Service (SARS) in which the recipient is informed that they are eligible for a tax refund. The message usually includes a link to a fake SARS website and is intended to fool taxpayers into providing their banking details.

Anyone who receives a questionable e-mail or SMS should immediately report it to their IT department, McAlister advises. “If you’re uncertain about whether it’s a scam, always assume that it is.”

He strongly recommends that companies take the time to educate their staff – and especially their payroll teams – on how to spot phishing scams. Additionally, any requests for electronic payments to be made, or that banking details be changed should be verified before being processed. This should be done verbally or via a communication medium other than e-mail, such as WhatsApp or SMS.

For their part, IT teams need to ensure their systems are up to date with the latest security software and patches and that all sensitive company information is encrypted.

“Being proactive and alert, educating your employees and following a few basic rules will protect your business from financial losses that could have been avoided,” McAlister concludes.

For more information, go to: https://www.crs.co.za/