Brand New True Payroll Crime Story - Under Siege


In episode 91, hosts Brian Escobar and Walter William Duncan III discuss the escalating threats to payroll and financial systems from cyber attacks. Referencing recent attacks on credit unions and water supply systems, they underscore the importance of robust cybersecurity measures across all industries, not just financial services. The discussion extends to the potential impact of cyber threats on payroll processes and the livelihoods of individuals who depend on the timely and secure disbursement of payments. Strategies for individuals and companies to protect financial data are also discussed.


00:00 Introduction and Welcome

00:37 Reaching Milestones and Listener Feedback

02:31 Discussion on Minimum Wage

05:28 Sponsor Message: TimeTrakGO

08:16 Cybersecurity Threats and Their Impact

15:32 Solutions to Cybersecurity Threats

20:40 The Importance of Cybersecurity in Payroll

22:50 Understanding Account Takeover Attacks

23:39 The Importance of Identity-Centric Security

24:35 The Future of Payroll Cybersecurity

25:07 Ransomware Attacks on Credit Unions

25:38 The Impact of Cyber Threats on Financial Institutions

28:53 Invitation to Connect with the It's About Payroll Community

29:42 The Immediate Concerns of Cyber Attacks

31:58 The Importance of Customer Awareness and Industry Collaboration

32:50 The Importance of Sharing Information and Educating Yourself

34:02 The Power of Payroll and Its Vulnerabilities

34:02 The Ripple Effects of Cyber Threats on Individuals and Employees

35:16 The Importance of Guarding Your Data

40:23 The Importance of Checking Your Transactions

41:19 The Dangers of Gift Card Scams

43:26 The Importance of Being Vigilant and Mindful

44:08 Conclusion and Invitation to Engage with the Payroll Community

Resources

https://www.theregister.com/AMP/2023/12/04/iran_terrorist_us_water_attacks/ 

Powered by the WRKdefined Podcast Network. 

[00:00:00] We have our customers are the people that we pay, right?

[00:00:03] Our coworkers are our customers, right?

[00:00:04] So if we are messing up people's check all the time

[00:00:08] and we're messing up their money,

[00:00:10] they're going to lose trust and payroll, right?

[00:00:13] Welcome to our podcast, It's About Payroll.

[00:00:17] We're your hosts, Brian Escobar

[00:00:19] and Walter William Duncan III.

[00:00:21] Whether you're new to the payroll game

[00:00:23] or seasoned veteran, we have something for you.

[00:01:25] He was happy to partner with us and that a lot of podcasts aren't sustainable.

[00:01:29] Even some of the podcasts that we see out there now may be fading away.

[00:01:34] So it's just for us to be like a mainstay with our listeners and to continue having the growth that we're having, man, it's just a feeling of being like,

[00:01:38] just grateful.

[00:01:40] Yep.

[00:01:41] Yeah, absolutely grateful, man.

[00:01:42] Absolutely.

[00:01:43] Yeah.

[00:01:43] Same here, man.

[00:01:44] Same as just great.

[00:01:45] Andrew, like you said, the emotional part, I was getting choked up on that

[00:02:41] but based on state and stuff like that. Or even some states have even like some territories

[00:02:45] that have regions that have separate wages and stuff.

[00:02:48] But I was thinking, should minimum wage

[00:02:52] be based on industry?

[00:02:55] So if you're an actor, you should be your minimum wage.

[00:02:58] If you're a payroll person, this is the minimum wage.

[00:03:01] So as soon as you come in, this is how much you should at least

[00:03:04] make.

[00:03:05] And that's our should adjust drives me crazy. Federal minimum wage is $7.25. Yes, it's about to be 2024 and it's still $7.25. And then it makes me think about what Tabitha said when she had her restaurant, right? And for those of you who missed the episode, we had Tabitha Brown on, vegan influencer, actor,

[00:04:23] just all around amazing personality.

[00:04:26] She was talking off America's mom.

[00:04:27] She was talking finances with us. What? So should it be based on industry? It definitely needs to be revamped. What do you think? This episode is presented by TimeTrakGO, the simply better employee time clock software that is going to make your life easier. In addition to the unique graphical employee

[00:05:40] time card that helps you quickly identify and change like, it's a lot of minimum wage. But I think, but I think it's Americans and workers

[00:07:04] are very deserving of it. Absolutely. I do hyped for now. Yes, that's that'll be available on it's about your paycheck.com and all podcast platforms and YouTube. Yes. All right. Let's get into today's show. We are talking cybersecurity.

[00:08:26] We found two great articles that are that really highlight the dangers.

[00:09:43] What happened. Right. Come on, man. Yes. Yes. We talk about this all the time, right? We have we we've run across many people. Okay. And despite the IRGC's designation as a foreign terrorist organization in 2019, the attack did not require sophisticated tactics.

[00:11:00] So it sounds like it was just a normal...

[00:11:02] Oh, this is just easy.

[00:11:03] An 11 year old could have done it.

[00:11:06] Low hanging fruit.

[00:11:07] Low hanging fruit. world war might just be online. That's what's going on right now. It's happening already, right? Scary stuff too. I'm getting chills, but it all ties back. Yeah, it's a reality. It's unfortunately, it's a reality. So they knew this were coming, right? So before we continue, I don't know if you know that show that Jon Stewart and Trevor Noah used to host

[00:12:21] like a Daily Show. Yes. Oh, The Daily Show. Yeah. So we have got to be like, if you're in an industry that uses these PLCs, you guys have to heighten your security. The call for immediate action, the CISA, C-I-S-A, executive assistant, again, a Cybersecurity and Infrastructure Security Agency,

[00:13:42] the executive assistant there, or I'm sorry,

[00:13:44] executive assistant director for cybersecurity

[00:13:47] name is Eric Goldstein, urge organizations any of these. So other pro-Iran groups have also claimed attacks. Folks, these terrorists have moved there. Just like you said, they're moving to a cyber warfare. They realize we don't even have to do some of the things we did in the past. We could just do this now. Some of the solutions and this is where it hones in on the payroll and HR folks, right?

[00:15:02] Because we have to be mindful of these if, hey, you can't, once you log in, it forces you immediately to change it. So I think that's like an evolution in this. Like we have to get to a point where we're forcing users to change their passwords and it has to be those good pass. How they, when you

[00:16:21] type in a password and it says, oh, fair, good, healthcare, every industry. Yes. Yes. So that's what I'm saying. We're getting these attacks on our water supply because water impacts everything. Farms, like every, we use water for a lot of different things to make things go in this

[00:17:41] country.

[00:17:42] So they're going to attack those it says, imagine if we're all sharing our data and not our data, but our the attacks, if we should, oh my gosh, I got attacked and this is how it happened.

[00:19:01] And this is what they attack.

[00:19:03] If every company shared that data, we would be in a better place. business. That's right. It is. And then so they don't want to share that. Cause then can you imagine if the direct whoever that direct deposit impact they were like that they would immediately pull out of that company. You know what I mean? In conclusion, some, the recent wave of attacks underscores the urgency for critical infrastructure operators

[00:20:21] to fortify the defenses against blah, blah, blah. They were talking about it was cybersecurity attack. It was a fire sale. They call it a fire

[00:21:40] sale and blah, blah, blah. And it basically it means attacks on your infrastructure. Yes.

[00:22:43] What does it teach ourselves? We have to understand what this stuff is about.

[00:22:46] I get, I get too worked up.

[00:22:48] I know.

[00:22:49] I'm sorry.

[00:22:50] So the one that I want to share with this, because this one is the one that I believe

[00:22:54] that I really thought they use on unwitting people.

[00:22:58] We don't know it.

[00:22:59] It's like social, what did they call it?

[00:23:02] Social, something social attack or whatever.

[00:23:04] I forget the name of it, but the report is, that's it, right? Without the correct technologies and policies in place, identifying anomalous user behavior can be incredibly tricky. As a result, these attacks often go undetected as the authentication performed by a bad actor

[00:24:22] can look the same as a legitimate user,

[00:24:25] depending on how expensive the identity TAC has wreaked havoc on 60 credit unions, which caused widespread outages as reported by MSN. The Federal Financial Institutions Examination Council, FIEC, how's that for? The acronyms. Yeah. They have confirmed the incident signaling

[00:25:42] a concerning escalation in cyber threats

[00:25:45] targeting financial institutions. a highlight you'll see an article but you have to actually read the details or click on the link because they're supposed to legally tell you exactly everything that's happened. They may just tell you in an article, an article may not have all the details of what was actually done like you were saying. So it's something that you want to do your research on. It was confirmed by the federal agency, the attack raises concerns on broader implications for financial stability and customer trust. We're in the service industry, right? We do payroll, we serve someone else, we have our customers are the people that we pay, right? And our coworkers are our customers, right? So if we are messing up people's check

[00:28:23] all the time and we're messing up their money, they caters to the employee. Safe Talk, which is a safe space for professionals like you and myself to have those tough conversations. And the news pod, which we keep you informed and updated on the latest happenings in the world of payroll finance HR. Thank you for being a part of this journey. Let's jump back in and discover the power of payroll.

[00:29:42] All right. So what are some of the immediate concerns with this stuff?

[00:29:46] Service distribution. Yeah, heck yeah.

[00:30:43] within the financial industry to share threat intelligence and to bolster collective cyber security defenses.

[00:30:47] Because a lot of these financial services

[00:30:50] and financial institutions,

[00:30:51] they have transactions between each other.

[00:30:55] People transfer from bank to bank,

[00:30:57] and this bank sends money to this bank

[00:30:58] for this person's pay,

[00:31:00] and there's a lot of transactions that are going on,

[00:31:02] so they're all interconnected.

[00:31:05] Think about that.

[00:31:06] Go ahead, go.

[00:31:07] What do you say?

[00:31:08] No, I was gonna say even in random industries, the industry, the service, whatever person that has the data, they need to do their part, whether that's your employer, your bank or whatever, they need to do their part to protect you. But you also have your role in this. Absolutely. We have a role as payroll providers and payroll processors to protect people's data.

[00:32:21] We shouldn't send an email with someone's unprotected,

[00:32:25] past sensitive data or information.

[00:32:27] No PI. And I've talked to people at work. It's a good call out. Yeah. They're like, no, I had no idea. I'm just busy. Yeah. So we should socialize it more. Yes. Yeah. We should share this more. And I know a lot of people do that. You see those people, like, and there's a lot of false information out there too. So be mindful of that. Make sure you get your stuff from legit sources and like, confirm sources and stuff like that.

[00:33:42] But share information.

[00:33:44] Yeah.

[00:33:44] Educate one another.

[00:33:45] Educate yourself.

[00:33:47] I think that's a livelihoods of individuals. It emphasizes the need for heightened cybersecurity measures to protect not only financial institutions,

[00:35:01] but the financial well-being of employees who rely on prompt and secure payroll payments be heightened on your security. I don't want you to be paranoid with everything. This stuff can make you paranoid, but it's something that you really need to think about because it is a tactic that hackers other countries, people within the country use to get your data so they can help themselves. So just be mindful.

[00:36:22] Absolutely right. Now I have two things that I want to share, real life stuff to think her for under that. And she didn't pick it up until the statement came. And she was like, Oh crap. I got I didn't do all this. She saw the balance and like the what she's Oh my gosh, she was terrified. It ran and really shook her. But of course the insurance everything she immediately reported it. Thank God it was like in another state. And it was very

[00:37:40] obvious that it was not her. But she recently when the season is. Now here, all of a sudden, during the holidays, you in the parking lot here in this Plaza Mall or whatever, you playing music and what is it panhandling,

[00:39:04] whatever they're calling it. I was like, see that. The same groceries that cost you $50 last year now cost you $80 this year. So that's a $30 difference. So like you said, those $5, $10, those dollars and stuff like that, they add up. You know what I'm saying?

[00:40:20] It adds up for sure.

[00:40:21] So again, be diligent.

[00:40:23] Look at your transactions.

[00:40:25] What I do every few months is packet and you know how the little serial number there is for the card. But what they're doing is they're taking that out. They're cutting that piece off of the card.

[00:41:40] So this because all you need is the strip.

[00:41:42] Yeah.

[00:41:43] Because the strip is still there.

[00:41:44] So you can take that digital number.

[00:41:47] That's what you need to make sure that you got the whole oh what did the cops say you like when you're checking out yes make sure there's an entire card in there or ask the catcher hey can we go ahead and open it