“If I could sum up why I’m committed to the HR Girlfriends community it would come down to because we are ‘….in this together.'”

~Sana’ Rasul, Chief Girlfriend

Q&A: We’ve received suspicious emails that appear to be from employees asking to change their direct deposit information. What should we do?

This is likely a phishing scam – a type of con in which scammers use emails, texts, or phone calls to trick someone into providing company or personal information that then allows the scammer to steal from them. These messages often appear to come from someone the recipient knows – in this instance, your employees.

A successful scam can be a costly data breach with legal consequences for employers. In this case, had you fallen for the direct deposit scam, your employees would not have been paid on time, and you’d be out the money you owed them.

To protect your organization from this and other phishing attempts, we recommend taking the following steps:

• Verify that the message is not legitimate. In this case, inspect the email addresses for validity and reach out to the employees to confirm they didn’t request to have their bank information changed.
• Notify your IT department of the potential phishing attempt.
• Inform your workforce that scammers are afoot and remind them not to respond to emails that are suspicious or to email sensitive information. Email is like a postcard, potentially visible to anyone, so employees shouldn’t email their banking or other sensitive information.
• Work with your IT department to train employees how to recognize phishing attempts and what to do if they notice or fall prey to one.
• Ensure employees update their security software, internet browser, and operating system regularly.
• Create processes and policies that staff should follow in case of a breach, including what notices need to be given.

This Q&A does not constitute legal advice and does not address state or local law.

Answer from Sarah, PHR, SHRM-CP:
Sarah has extensive Human Resources experience in the legal, software, security and property preservation industries. She has a Business Communications degree from Villa Julie College (now Stevenson University) and a master’s certificate in Human Resources Management and a Strategic Organizational Leadership certification from Villa Nova University. Sarah is also a member of the National Society of Human Resources Management and has managed the HR function for small startup companies to mid-sized/large organizations.

Get Certified

The first-ever HR certification designed for professionals who are just beginning their HR career journey.

Leave a comment

0 Comments
Inline Feedbacks
View all comments

Are You IN?
Or Are You OUT?

It’s time you join forces with a community of like-minded peers ready to tackle the issues unique to the women of HR.

How Safe Is Your Organization?

Even with millions spent on cyber security infrastructure, all it takes is one employee clicking on one wrong link to compromise critical data, costing your company millions.

HR Girlfriends™ is a Human Resources networking organization dedicated to advancing the practice and culture of people empowerment. Our team of Girlfriends consult, train, educate, develop, share, promote, and advocate for solutions in the field of human resource management.

  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
All
  • All
  • Affirmation
  • Career Mondays
  • Certification
  • COVID-19
  • CyberSAFE
  • Guest Blogger
  • HR Advisor
  • HR Law Alert
  • HR Q&A
  • HR Reading
  • HR Reel Talk
  • Join Our Team - Apply Now
  • Membership
HR Advisor

HR Advisor December 2022

Three Ways to Make Holidays More Inclusive The office holiday party is a time-honored tradition: readers of Charles Dickens’ A Christmas Carol may remember the …

Read More →
HR Q&A

Q&A: If we get called for a reference, can we just verify the former employee’s dates of employment?

Yes, it’s up to you how much or how little you share about a former employee. There’s no legal requirement to supply employment references for …

Read More →
HR Q&A

Q&A: We would like to reclassify an employee from exempt to nonexempt status. Is it okay to do this? What do we need to do to change their status?

Yes, it’s possible to make this change. Any employee can be classified as a nonexempt employee, although we generally recommend that all employees in the …

Read More →
Share via
Copy link
Powered by Social Snap