Over $2 trillion dollars in stimulus money is being rushed out the door to assist Americans during the COVID-19 crisis, and we can expect around 10%, or $200 billion, of it to be earmarked for potential fraud. With a possible payday this high, you can expect the bad guys to be using any angle they can to get that money from you and your employees. Couple this with the fact that almost every workforce is currently at home, where security policies and procedures could find themselves being relaxed and communicating with your peers might not be as convenient, and we could see some things fall through the cracks.
With PPP loan applications, unemployment filings, stimulus checks, time off requests, and employees requesting pay information. This could be a busy and vulnerable time for your work from home payroll departments.
It’s now more important than ever to communicate with your coworkers. Especially about the legitimacy of requests that come in. Treat your email inbox like an exclusive club where anyone that shows up must be on your list and/or vetted. Be skeptical about requests from current or former employees asking for privileged information. If you do get something that seems suspect, consider reaching out via phone or slack/skype/teams etc. to verify it.
So, plan on getting an increase in fraudulent requests both at the company level and the employee level. Discuss a procedure for vetting those requests with the people in your department. Report suspicious emails or phone calls to your Security or IT teams. Someone’s email can always be resent, but we can’t take away a risky click, or a risky action.