Protecting Yourself Against Online Payroll Fraud

Online fraud is becoming increasingly sophisticated, and a recent attempt targeting Citrus Financial shows just how convincing these scams can be. Salary diversion fraud, also known as payroll redirection fraud, is a growing threat to both employers and employees. Here’s what you need to know and how to stay safe.

How the scam works

Fraudsters contact a company’s payroll department, pretending to be an employee. They often use a personal email address and claim to have changed banks, requesting that their salary be paid into a “new” account.

At first glance, the emails look genuine. They may address the payroll officer by name, use professional wording, and appear urgent but reasonable. If actioned without verification, the next salary payment could go straight into the fraudster’s account, leaving the real employee unpaid and the business at risk.

Our experience

At Citrus Financial, our office manager recently received one of these emails. It looked authentic, but thanks to quick thinking, she called the employee directly to confirm the request. The employee was completely unaware. The email had been sent by a fraudster.

This quick check prevented what could have been a serious financial and emotional impact for both the employee and the business.

How to protect yourself and your business

For employers:

  • Verify changes directly – Always confirm any change to bank details by speaking with the employee in person or over the phone using the number you already have on file.
  • Never rely on email alone – Treat any request for financial changes as suspicious until verified.
  • Train your team – Make sure anyone involved in payroll knows about this scam and follows a clear process for changes.

For employees:

  • Be alert to unusual activity – If you’re contacted unexpectedly about your salary or benefits, always double-check with your employer.
  • Use strong, unique passwords – Protect your work and personal email accounts to reduce the chance of being impersonated.
  • Report suspicious emails – If something looks odd, don’t ignore it. Report it to your employer and, if relevant, to Action Fraud.

Final thoughts

Fraudsters rely on busy workplaces and human trust to succeed. At Citrus Financial, we take client and staff security seriously. This experience is a timely reminder for everyone to stay vigilant. With the right checks in place, these scams can be stopped in their tracks.

A 22% tax on ISAs? Why the headline needs explaining

You may have seen some alarming headlines this week about HMRC introducing a 22% charge on cash held inside stocks and shares ISAs. At first glance...

Fraud Alert: The €10 taxi fare that became €570

As we head into the summer holiday season, we wanted to highlight a simple but costly scam that has been catching out tourists abroad. The scam...

Getting to Know… Steve Ody

Steve Ody joined Citrus Financial as a Mortgage and Protection Adviser, working alongside Nicky Kirton and Kate Morrish in our growing mortgage and...

Stay in the loop

SUBSCRIBE TO OUR MONTHLY NEWSLETTER