Kotapay Insights

Preventing Payroll Fraud
Steps you can take to protect yourself and your clients from payroll fraud
Payroll fraud is on the rise and shows no signs of slowing down. Kotapay has seen an uptick in fraudsters taking over customer email accounts by using spearfishing attempts where they gain control of your client’s email and use that account to request fraudulent payrolls. Your client won’t know this is happening until after money has been taken out of their account, so it’s important to stay diligent.
All it takes is one fraudulent transaction to expose you and your customer to losses. Ask yourself, do you know if the information your customer sent is accurate? Do you have systems in place to validate the information? Following these recommendations could save you and your customers thousands of dollars.
- Use Caution: If you are receiving email requests from your clients regarding their payroll, take a moment to stop and think if the request is unusual. Are the requested dollar amounts or pay dates out of the ordinary?
- Validate Files: We encourage you to have a process in place to validate transaction data before sending it to Kotapay. This important step should only take a few minutes but may pay off big dividends for you and your customers.
- Out-of-Band Authentication: You can reduce the risk of processing fraudulent transactions by using out of-band authentication. If you receive information via email, you should have a validation process in place that uses another method to contact the customer that is different than how you received it. For example, a phone call, fax, or text.
- Data Security: It’s important to have a data security policy in place to protect your confidential information. The policy should be followed by all employees. If you would like help writing a security policy, please visit the Better Business Bureau’s website.
Implementing these tips could help your company from becoming a statistic. Review your current processes to verify you are doing everything possible to protect from losses that could have been stopped. If you have any questions or would like to discuss improving your security procedures, please contact the Kotapay Risk Department at (800) 378-3328.