Cybersecurity frauds are targeting direct deposit payroll at local governments

Subscribe to Updates

Get our e-newsletter right to your inbox!

First Name

Last Name

Company

Job Title

« back to Audit Connection Home

Categorized in: CyberSecurity • Fraud • Local governments

Tags: Internal Controls

Nov 16, 2018

Fraud Icon Concept on the Red Keyboard Button

Local governments should ensure they protect against cybersecurity frauds in which an employee's direct deposit payroll gets redirected to a fraudster's bank account.

In this type of fraud, the fraudulent request to change the bank account uses the government's change form that is emailed or mailed to payroll. In other cases, the fraudulent request is made in an email that looks like it is from the employee's email account. The fraudulent bank accounts are frequently associated with out-of-state or internet banks.

We recommend that any request to change a direct deposit bank account include an in-person or verbal verification with the employee before the change is initiated.

We caution you to NOT use email to verify a change request; in some cases, the employee's email account has been compromised and the fraudster intercepts and responds to the emailed verification.

If your government is a victim of this fraud, you are required to report it to the Office of the Washington State Auditor at portal.sao.wa.gov/saoportal/publi c.aspx/LossReport.

We also recommend reporting it to the FBI's Internet Crime Complaint Center (IC3) at www.ic3.gov/complaint/default.aspx

Cybersecurity frauds are targeting direct deposit payroll at local governments

Quick Search Audit Reports