At Heartland Bank, we care deeply about your financial security — because when our local businesses thrive, our communities thrive. Recently, we’ve seen an increase in a specific type of fraud targeting payroll departments.
As ACH and Wire fraud continues to affect businesses in our area, we want to take a moment to stress the importance of verifying all invoice and payroll account information changes.
Fraudsters are impersonating employees or vendors through convincing emails that request changes to direct deposit or payment details.
These messages often look legitimate — sometimes even appearing to come from your own team — but they’re designed to redirect payroll or vendor payments straight into a scammer’s account. Once the money is sent, it’s almost impossible to recover.
⚠️ How It Happens
Fraudsters use tactics like:
- Payroll hijacking: Spoofing an employee's email to change direct deposit details.
- Vendor impersonation: Pretending to be a known vendor or contractor and asking to “update” payment information.
- Business email compromise: Using hacked or faked executive accounts to request urgent wire or ACH payments.
These scams work because they look real — but you can stop them before they start.
đź”’ Your Best Defense: STOP. CALL. CONFIRM.
Empower your employees to follow this simple process:
- STOP – Don’t process requests for payment or account changes received by email.
- CALL – Contact the sender using a trusted phone number you already have on file. Never call a number listed in the suspicious message.
- CONFIRM – Verify that the person actually requested the change before moving forward.
Build a Culture of Awareness
Education is the best prevention. Make sure your staff — especially those handling payroll and accounts payable — are trained to pause, verify, and trust their instincts. Encourage open communication if something doesn’t feel right.
🔍 What to Watch For
Be on alert for these red flags in emails or messages that involve payments, invoices, or account updates:
- Impersonation of internal or external staff: Scammers may pose as a company executive, HR manager, or vendor to request fraudulent payments or setup changes.
- “Urgent” or time-sensitive claims: Wording like “immediate attention required,” “time-sensitive information,” or “account issue” is designed to trigger panic and quick action.
- Requests for sensitive information: No legitimate sender will ever ask you to “confirm your account” or share private financial details over email.
- Suspicious sender addresses: Double-check email domains. For example, a message from “Business Name” using @businesname.org.com instead of @businesname.com is a scam.
- Unsolicited or fake invoices: If you don’t recognize an order or invoice, don’t pay it — verify first.
- Unsolicited attachments: Avoid opening attachments from unfamiliar or suspicious senders — they could contain malware designed to steal information.
- Unusual or unnatural greetings: Watch for greetings your co-workers or vendors wouldn’t normally use — like “Dear Sir,” “Hello Team Member,” or “Good Day.” Even subtle differences in tone can indicate a fake.
We're Here to Help
Heartland Bank is committed to helping businesses safeguard their finances. If you suspect fraud or want to strengthen your internal controls, reach out. We are here to help.
💡 Remember: Fraud prevention starts with awareness — and it takes all of us to protect what matters most.