Grand Valley State University’s Department of Human Resources sent a warning to all employees regarding potential compromise of direct deposit accounts on Sept. 14.
“Recently, faculty and staff members have notified our office about several instances in which their direct deposit accounts have been compromised. This may include student employees,” read the warning from Human Resources.
The notice urged employees to review their direct deposit information in myBanner to ensure it is still correct. Likewise, it also recommended employees contact the payroll department or IT services if changes were made to the employee’s account without their knowledge.
“Payroll recommends that if an employee receives an email stating that their direct deposit has been changed, and they did not make the change via Self Service Banner, to please contact payroll immediately,” said Brenda Sain, GVSU’s Payroll Manager.
Payroll diversion scams are a newer form of fraud in the United States. It occurs when cybercriminals steal employee’s personal information, such as name and contact information, and use it to make changes to their direct deposit account. Often, this causes the destination of the deposit to be rewired from the employee’s account to the scammer’s account. Come payday, employers believe they are paying their employees, but are unknowingly lining the pockets of internet criminals.
“Usually if an account is compromised the account owner is unaware until fraudulent activity occurs,” said Assistant Director of Public Safety Leah Heaton. “Checking bank accounts frequently to make sure there are no suspicious charges is definitely helpful. If using direct deposit when getting a receipt from an employer, check your bank account to make sure the money arrived. It’s much easier to find a discrepancy right away than months later.”
Having a paycheck stolen without their knowledge can be a nightmare for many employees. Heaton said there are many ways that community members can protect their hard-earned money.
“Having multiple security layers to accounts such as Duo Mobile, can help to prevent anyone else from getting access to your accounts. The secondary layer of protection has the owner provide a code or click on verification that they are trying to access the account in question,” Heaton said.
Often, payroll diversion scams come in the form of phishing: the action of scammers impersonating trusted entities such as banks or insurance companies, primarily through emails or messages, in order to get victims to reveal their personal information.
“Do not give anyone your password or account username,” Heaton said. “If you receive a suspicious email or even an email you may think is legitimate, verify any links you are being asked to click on. The GVSU IT website has great examples of phishing emails and tools to avoid becoming a victim of these email scams.”
Likewise, if a student or faculty member suspects they have received a phishing email at their university address, it is recommended that the message be forwarded to GVSU’s IT department.
If a GVSU community member has found discrepancies in their direct deposit account, Heaton advises taking action and contacting GVSU’s payroll team.
“If you think one of your accounts has been compromised, I would suggest contacting your bank, credit card companies, or credit report agency to either freeze accounts or put alerts on accounts for any suspicious activity,” Heaton said. “If you are looking for a criminal investigation, contact your local police department.”