April 21, 2023 at 11:14
Stacey Wood PCP
The increase in phishing emails “from” an employee asking to change banking is staggering! We’ve even seen one recently that had a bank direct deposit form attached–the account holder name had been altered to an employee’s name.
My practice is to confirm via a separate email (separate from the request) if the employee actually wants to make the change. If so, we require the actual direct deposit form from their financial institution prior to initializing a change; if not, no change is made. So far, every one has been either a phish or spoof email.