top of page
Search

Fraud and Phishing Awareness: Stay One Step Ahead!

  • Writer: Angie Morrison
    Angie Morrison
  • Dec 29, 2025
  • 3 min read

Scams and fraud attempts are becoming increasingly sophisticated and more common. This article outlines practical tips on what to watch for and how to reduce the risk of becoming a victim. When in doubt, always err on the side of caution and verify any requested changes directly with the individual or organization before taking action.

Vendor ACH Payments

  • If you receive an email or letter indicating that a vendor’s ACH information has changed, carefully review the sender’s email address to confirm its legitimacy.

  • Always contact your established point of contact at the vendor’s organization—or use the phone number listed on the vendor’s official website—to verify the change. Do not reply to the email or call the phone number provided in the notification, as fraudulent requests often route directly to the scammer.

  • Avoid clicking links or downloading attachments included in these messages, as they may be phishing attempts intended to compromise your network or systems.

Payroll Direct Deposit

  • Always err on the side of caution whenever you receive a request to change an employee’s direct deposit information.    

  • Vista Software’s Employee Self-Service (ESS) feature allows your staff to fill out and submit a new Direct Deposit form electronically.  Even when a request is submitted through ESS, do not assume it is legitimate.  If an employee’s email or phone has been compromised, a scammer may be able to reset passwords and submit fraudulent changes.

  • Carefully review any voided check provided for warning signs, such as mismatched fonts, pixelated text or borders, preprinted dates, or unfamiliar bank names. While fraud can occur using any bank, fraudulent activity often takes place using online or out-of-state banks.

  • Always verify direct deposit changes by contacting the employee directly using their district email address or by phone. Many districts also require employees to appear in person to confirm changes, which provides an additional layer of protection.

Check “Washing”

  • Check washing scams involve changing the payee names and often the dollar amounts on checks and fraudulently depositing them. Occasionally, these checks are stolen from mailboxes and washed in chemicals to remove the ink.

  • Positive Pay is an effective safeguard against fraudulent checks clearing your bank account.  Positive Pay involves sending your bank a list of check numbers, payee and amounts each time you generate physical checks. The bank then verifies that the checks received for clearing match the amount and payee that was originally communicated. If a check arrives with a different amount, it may have been altered. If your financial institution offers this service, consider implementing it as an added layer of security. Contact your banking representative if you are not currently using this feature.

Fake Vendor Invoices

  • Exercise caution when receiving unexpected invoices by email, particularly if the vendor does not typically send invoices in this manner.

  • Review the sender’s email address and the content of the message carefully for inconsistencies or unusual language.

  • Do not open attachments or click links until you have confirmed the legitimacy of the request.

  • Construction vendors are frequently targeted, but fraudulent invoices can originate from any vendor.

  • Always verify invoices by contacting the vendor directly using known and trusted contact information. Do not reply to the suspicious email.

Phishing Emails from District Administrators

  • Scammers often impersonate superintendents, CFOs, or other district administrators.

  • These messages may request immediate wire transfers, gift card purchases, or other urgent and atypical actions.

  • Do not respond or comply with these requests. Always verify by contacting the administrator directly through their known district email address or phone number before taking any action.

Final Thoughts

Fraud tactics continue to evolve, and scammers are constantly seeking new ways to steal information and money. The examples above are just a few of the ways that fraud can occur. Taking the time to verify requests, question unusual communications, and follow proper procedures is essential to protecting both district resources and personal information.


 
 
bottom of page