Online fraud is becoming increasingly sophisticated, and a recent attempt targeting Citrus Financial shows just how convincing these scams can be. Salary diversion fraud, also known as payroll redirection fraud, is a growing threat to both employers and employees. Here’s what you need to know and how to stay safe.
How the scam works
Fraudsters contact a company’s payroll department, pretending to be an employee. They often use a personal email address and claim to have changed banks, requesting that their salary be paid into a “new” account.
At first glance, the emails look genuine. They may address the payroll officer by name, use professional wording, and appear urgent but reasonable. If actioned without verification, the next salary payment could go straight into the fraudster’s account, leaving the real employee unpaid and the business at risk.
Our experience
At Citrus Financial, our office manager recently received one of these emails. It looked authentic, but thanks to quick thinking, she called the employee directly to confirm the request. The employee was completely unaware. The email had been sent by a fraudster.
This quick check prevented what could have been a serious financial and emotional impact for both the employee and the business.
How to protect yourself and your business
For employers:
- Verify changes directly – Always confirm any change to bank details by speaking with the employee in person or over the phone using the number you already have on file.
- Never rely on email alone – Treat any request for financial changes as suspicious until verified.
- Train your team – Make sure anyone involved in payroll knows about this scam and follows a clear process for changes.
For employees:
- Be alert to unusual activity – If you’re contacted unexpectedly about your salary or benefits, always double-check with your employer.
- Use strong, unique passwords – Protect your work and personal email accounts to reduce the chance of being impersonated.
- Report suspicious emails – If something looks odd, don’t ignore it. Report it to your employer and, if relevant, to Action Fraud.
Final thoughts
Fraudsters rely on busy workplaces and human trust to succeed. At Citrus Financial, we take client and staff security seriously. This experience is a timely reminder for everyone to stay vigilant. With the right checks in place, these scams can be stopped in their tracks.
