B2B Payments

FBI Sets Sights On Payroll Fraud Scheme

Payroll fraud is underway, according to the FBI’s “IC3” division, targeting employees in a number of verticals. The key method is phishing. Elsewhere, Europol warns that threats loom for payments fraud as mobile banking gains traction.

Payment fraudsters are looking to get between consumers and their paychecks. To that end, the the Internet Crime Complaint Center (IC3), a hub to bring complaints to the Federal Bureau of Investigation (FBI), is eyeing payroll fraud.

In an alert issued this week, the IC3 said it has received complaints that cybercriminals are targeting the online payroll accounts of various employees across several verticals, most notably education, healthcare and commercial aviation.

The methods those bad actors use and which have been documented in this space include phishing attempts to gain access to individuals’ credentials. With those credentials in hand, the cybercriminal can access payroll accounts and subsequently change bank account information. As an extra measure that the fraud can persist, the criminal can also alter alert settings, which would prevent the true account owner from being given a heads-up that those details have been changed. The deposits? Often steered toward a prepaid card owned by the cybercriminal, said IC3.

Among the efforts IC3 offered as countermeasures: Employees should “hover their cursor over hyperlinks” to ensure that they can trace back to companies the individual can identify. In addition, login credentials for payroll data should be different from those seen elsewhere in the organization.

Across The Pond

Beyond the confines of one methodology (payroll fraud, as detailed above), Europol has issued a cybercrime report that has taken note of certain attack methods. Ransomware is in there, of course, where a methodology shift is underway i.e. criminals are less random in their approach and now target specific companies and individuals.

Mobile malware is on the upswing, said the report, targeting mobile banking. In Europe, especially, nations must be on the lookout for payment card fraud. As reports noted, card-not-present (CNP) continues to be a threat as EMV compliance spreads. Beyond that, according to Europol, PSD2 “may introduce new opportunities for crime.” The introduction of open APIs may open the door to threats, and if a third-party provider is breached, then banking clients may also be exposed. In addition, said Europol, instant payments reduce the time financial institutions (FIs) have to intervene in a transaction and may challenge detection.

The contention that new (and faster) payment methodologies may attract fraud attempts has centered on ACH. As noted in the Credit Union Times, monthly ACH volume is now at an all-time high. The transaction tally is at $4.5 trillion, as logged in August and computed by NACHA. In terms of growth, that is up 10 percent year on year, 12 percent in dollar terms. Amid those figures, B2B transactions are up 13 percent and stand at 16 percent of ACH volume.

However, with the backdrop of Same Day ACH and with extended windows, increased transaction times and same-day settlement, fraud risks are still there. GIACT said in a white paper this week that older methods of protection efforts, such as trial deposits, may not be effective with the new changes coming into place.

Separately, Reuters reported Thursday (Sept. 20) that, according to the U.S. Securities and Exchange Commission (SEC), Barrett Business Systems, Inc. (BBSI) and its former controller, Mark Cannon, have agreed to settle civil charges of accounting fraud tied to workers’ compensation. The firm agreed to pay $1.5 million in civil penalties without admitting or denying wrongdoing.

On another note, criminal charges were filed against the former BBSI CFO, James Miller. Cannon, who paid $20,000 in penalties, was charged with improperly approving some of Miller’s accounting entries. As a result, the firm under-reported $12 million in workers’ comp.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.