Is Your Payroll a Target for Cybercriminals?
As banks have become better at securing retail platforms and backend systems, more companies are being targeted by cybercriminals looking for a quick cash payout. Payroll and invoicing systems at large corporations and small business are being compromised by the installation of malware and phishing scams that are netting anywhere between $20,000 and $900,000.
Criminals typically infiltrate a payroll or invoicing system, run a test theft, and then wait for the systems to run scheduled payments. The payments are then channelled to ‘mules’ that are completely oblivious to the situation. It’s known as ‘drift-netting’ and is now the largest form of cybercrime in Australia.
Prevention before Policing
While law enforcement is working hard to keep up with cybercriminals, they’re usually left playing catch-up. The methods employed by these hackers are as sophisticated as they are varied and once they have been successful, they’re nearly impossible to reverse.
Instead of acting once your payroll has been targeted, you should act before the hackers get a chance. Adopting a more secure system or outsourcing your payroll to the professionals can greatly reduce your chances of being attacked.
Not only is your financial security at stake, your business reputation is, too.
Here are some other steps you can take to mitigate the easiest forms of attack.
Checking Your Systems
Most companies are made aware of a system compromise when a large number of employees complain to payroll departments because they haven’t been paid. By then it’s usually too late to do anything other than calling the police and hoping for the best. Most drift-netters are based in West Africa and pursuit can often prove futile.
Avoiding an attack requires vigilance. You will need the complete cooperation of every department within your corporation as well as trustworthy security and finance partners.
Your bank, online payroll service and IT service vendors are all critical in helping you manage a secure system. Take the time to review your IT and business partners and make sure you invest in training for your staff.
Securing Your Payroll
Establishing a set of protocols and systems can give you peace of mind and protect your reputation. Discussing the procedures that will negate an attack with all the stakeholders will ensure the most successful defence against any cyber-attack.
To prevent an attack on your business, be sure to:
- Protect both email and web servers with appropriate security and check for malware frequently
- Change passwords frequently to ensure that legacy employees do not have access to sensitive information
- Evaluate user privileges on a regular basis
- Secure employee details, identification and contact details and check regularly for accesses made
- Require any employee with access to finance systems or employee information to be verified
- Establish IT protocols for all units within your business so that there are no knowledge gaps on how systems operate for new employees
If you’re concerned about payroll security, consider outsourcing to a professional. An external payroll service can reduce your responsibilities, and promote efficiency, accuracy, confidentiality and security.
To find out how you can protect your payroll with a secure payment system, enquire with our team today.