Payroll Direct Deposit Fraud Prevention
The USG has noticed an increase in cyber fraud targeting employees and impacting their paychecks. Cybercriminals are using DUO pushes to gain access to employee credentials, allowing them to alter direct deposit and banking information. It is imperative that you do not authenticate any DUO requests that you did not initiate. In late June, USG Information Security implemented a change to OneUSG Connect to better protect employees. Now, a Payroll practitioner must update an employee’s direct deposit information for certain internet-based banks that are more frequently used by cybercriminals. Please be aware that if your pay is misdirected to a fraudulent account due to your own actions, you should report the theft to law enforcement, as KSU cannot issue a second paycheck due to misdirection. (This is the equivalent of your wallet being stolen). If you try to change your direct deposit to a bank that is flagged as high risk, you will receive an error message and be directed to contact Payroll. You will need to verify your identity, likely in-person, with a Payroll practitioner who can then manually update your direct deposit information.
DID YOU KNOW... Tips and Tricks to stay safe
Do not click on embedded links asking you to validate your credentials within OneUSG Connect or your network credentials at KSU. DUO pushes indicate the location from where the request was initiated. If the request comes from a location other than where you are, do not accept it. NEVER authenticate a DUO request that you did not initiate. Be on alert for any emails asking you to take urgent action or that have incorrect spelling or grammar or have an unknown email address. Messages displaying ‘external sender’ should be considered malicious until proven otherwise.
If you have received suspicious communications or clicked on any malicious links report it to abuse@kennesaw.edu immediately.
5
Made with FlippingBook HTML5