Secure Payroll Verification SaaS for HR Fraud Prevention
This post describes a critical security breach: an employee's direct deposit information was changed without their knowledge, leading to a stolen paycheck. The HR professional's surprise ("This is a first for me" and "So here is the extra screw up. I approve all direct deposit changes. Wh") indicates a vulnerability in current HR/payroll processes, even with manual approvals. This points to a clear need for a robust, multi-factor verification system for sensitive employee data changes to prevent financial fraud.
Product Form: A SaaS platform or API module that integrates with existing HR and payroll systems.
Key Features:
- Multi-Factor Authentication (MFA) for Employee Changes: When an employee or HR requests a direct deposit change, require the employee to confirm via a second channel (e.g., SMS to verified phone, email to verified personal email, or a voice call to a recorded number).
- Granular Approval Workflows: Establish multi-level approval processes for critical changes, perhaps requiring sign-off from two different HR personnel or a finance manager.
- Anomaly Detection: Use AI/ML to flag suspicious changes (e.g., changes from unusual IP addresses, multiple changes in a short period, changes to high-risk bank accounts).
- Comprehensive Audit Trails: Detailed, immutable logs of all change requests, approvals, denials, and verification steps for compliance and investigation.
- Secure Employee Self-Service Portal: A highly secure portal where employees can initiate changes, but where critical financial data updates trigger the robust MFA and approval workflows.
- Fraud Alert System: Instant notifications to HR/payroll and the affected employee about suspected fraudulent activities.
Expected Revenue: This SaaS would be subscription-based, likely priced per employee per month or in tiers based on company size and features. The value proposition is significant: preventing potentially large financial losses from fraud, protecting employee trust, and reducing compliance risk. Companies are highly motivated to invest in such security. Pricing could range from $0.50 - $5.00+ per employee per month, or custom enterprise pricing, leading to annual contracts potentially worth thousands to tens of thousands of dollars, depending on the client's scale.
Origin Reddit Post
r/humanresources
HR payroll-direct deposit scammed [N/A]
Posted by u/FatDaddyMushroom•07/21/2025
Alright,
This is a first for me. An employee's direct deposit was changed without them knowing and paycheck stolen.
So here is the extra screw up. I approve all direct deposit changes. Wh
Top Comments
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/ireallylikecats34
I was told direct deposits will fail/reject if names on account vs payment don't match, but in over 12 years I have never seen this to be true.
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/ireallylikecats34
We use Paycom.
Paycom apparently can't pre-note (they could when we worked with them 2016 - 2020, but not now?)
Similar thing happened with one of my employees 2 weeks ago.
2FA is on for basi
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/ireallylikecats34
We use Paycom.
Paycom apparently can't pre-note (they could when we worked with them 2016 - 2020, but not now?)
Similar thing happened with one of my employees 2 weeks ago.
2FA is on for basi
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/ireallylikecats34
We use Paycom.
Paycom apparently can't pre-note (they could when we worked with them 2016 - 2020, but not now?)
Similar thing happened with one of my employees 2 weeks ago.
2FA is on for basi
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/kkane97
Tough situation. Going forward, a few safeguards can help: require verbal or in-person confirmation before approving direct deposit changes, create a simple log noting the date of request vs.
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/209_Dad
This
u/209_Dad
This
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/kkane97
Tough situation. Going forward, a few safeguards can help: require verbal or in-person confirmation before approving direct deposit changes, create a simple log noting the date of request vs.
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/ireallylikecats34
I was told direct deposits will fail/reject if names on account vs payment don't match, but in over 12 years I have never seen this to be true.
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/209_Dad
This
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/ireallylikecats34
I was told direct deposits will fail/reject if names on account vs payment don't match, but in over 12 years I have never seen this to be true.
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/jungshookies
At least the place which I worked previously the banks do send back a list of mismatched bank accounts and payment records. The PDA team gets shot if that ever happens.
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/209_Dad
This
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/jungshookies
At least the place which I worked previously the banks do send back a list of mismatched bank accounts and payment records. The PDA team gets shot if that ever happens.
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/ireallylikecats34
I was told direct deposits will fail/reject if names on account vs payment don't match, but in over 12 years I have never seen this to be true.
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/jungshookies
At least the place which I worked previously the banks do send back a list of mismatched bank accounts and payment records. The PDA team gets shot if that ever happens.
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/kkane97
Tough situation. Going forward, a few safeguards can help: require verbal or in-person confirmation before approving direct deposit changes, create a simple log noting the date of request vs.
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/FatDaddyMushroom
No. I verified the routing and account with her. It was a completely different account and bank. It was changed two days after she said she put in her initial direct deposit, which I can see
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/jungshookies
At least the place which I worked previously the banks do send back a list of mismatched bank accounts and payment records. The PDA team gets shot if that ever happens.
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/209_Dad
This
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/Cubsfantransplant
This is one of the reasons we stopped accepting direct deposit changes via email. Too many phishing scammers. We were all on one site so changing it in person was not a big deal. Getting cert
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/209_Dad
This
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/Prestigious-Set4470
This happened where I worked. The employee direct deposit changed to a cash app bank account and he wasn’t aware. I asked ADP to research and they were no help. We ended up paying the employe
u/BunchaMalarkey123
This is exactly why we have all those options turned off for employees. Only we can change their DD information through our admin login on ADP.
u/NoKing9900
Having 2FA for the ADP employee self service is a good and it does protect the employees.
Just don’t do it immediately. Give the employees 3 to 6 months advance notice. Make sure there good
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/Ill_Ad6621
If you are going to double pay her, I wouldn't do it until she has a police report filed. Paying someone again based on what they verbally tell you is a slippery slope.
I'm assuming you mus
u/kkane97
Tough situation. Going forward, a few safeguards can help: require verbal or in-person confirmation before approving direct deposit changes, create a simple log noting the date of request vs.
u/sofies_carrot
Since her account was hacked it needs to be reported. If you have IT dept start there. But it seems that she was personally hacked since she keeps her passwords in a personal account. She wil
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/209_Dad
This
u/FatDaddyMushroom
So this is something I was wondering about as well.
So I know if I am putting in a Direct Deposit for an employee, if they are technologically challenged. I always have them send me or brin
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/ireallylikecats34
We use Paycom.
Paycom apparently can't pre-note (they could when we worked with them 2016 - 2020, but not now?)
Similar thing happened with one of my employees 2 weeks ago.
2FA is on for basi
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/Ill_Ad6621
I have a gut feeling they did do they two factor authentication, but it was sent to the email the hacker already had access to. That's the problem with using duplicate passwords, the hacker
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/benicebuddy
That's where I am as well. You need to find out where that money went. I bet it went to an account number 1 off from the right on or in to the correct account but the employee was overdrawn.
u/WildLemur15
You need a process step to verify changes. We only have 125 ish people, so question them by a different contact to confirm last 4 of new accounts.
If they put it in their portal, we call the
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/fluffyinternetcloud
Had this happen a year ago with ADP the employee never made the change and confirmed the same to us. I think ADP got hacked and there’s credentials on the dark web somewhere as I often see od
u/Ellywick77
I added a step to my process when approving direct deposits where I confirm the change via Slack/Teams. Especially if I get the approval request via email. I get a ton of spam emails requesti
u/kkane97
Tough situation. Going forward, a few safeguards can help: require verbal or in-person confirmation before approving direct deposit changes, create a simple log noting the date of request vs.
u/209_Dad
This
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/WeekapaugGroov
We just had this exact attempt at fraud but caught it before pay was issued.
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/PaLuMa0268
This is disturbing. We currently use iSolved and this has happened to us. I also approve these changes. Luckily I caught it before payroll was processed. The only way I can tell it’s not legi
u/Landerclan
Once you get this sorted using the steps others have detailed and the employee is paid you need to hold employee meetings. With a small workforce I would turn off employee ability to make DD
u/benicebuddy
I'm sure you are right, but nothing says that the completely different account wasn't hers or even a confederate's account. You need to find out where that money went if you can't reverse the
u/ireallylikecats34
We use Paycom.
Paycom apparently can't pre-note (they could when we worked with them 2016 - 2020, but not now?)
Similar thing happened with one of my employees 2 weeks ago.
2FA is on for basi
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/goodvibezone
Pl ase out mandatory 2FA on all your employee accounts. It won't stop fraud completely, but it will help a lot.
This primarily happens when employees click a fake payroll link. They'll Goog
u/Warm-Replacement-724
There are a lot of layers around this to unpack and will need investigating before liability is even discussed.
1. Who made the change to this employee’s information? This typically isn’t do
u/Demilio55
You should reach out to your financial institution for assistance. They may be able to reverse the payment.
u/kingboy10
Also was ask for a bank letter with their name on it to verify if not then who knows if the numbers are actually correct for one and who knows if the account is event connected to the employe
u/jungshookies
The last time when I was working closely with payroll, I recall that banks will typically bounce back any payment records where the identity card number/name reported in the bank report does
u/FatDaddyMushroom
I called ADP about turning it on for things like this. At first they told me they could only activate it for every single time an employee signs into their account. After I talked to them mor
u/Elss802
The money is gone. I had an employee do this. Now our system sends emails and requires two factor authentication for sensitive items like direct deposit and email/phone changes.
u/Ok_Tackle4047
This. We approve DD changes only after the EE submits paperwork verifying account numbers AND check the numbers again on payroll day to verify if DD was pushed through. Always use pre-note so
u/ireallylikecats34
I was told direct deposits will fail/reject if names on account vs payment don't match, but in over 12 years I have never seen this to be true.