Skip to content

Protecting Your Accounts Against Cybercrime

Cybercriminals sometimes target SimplePay accounts by using passwords stolen from other platforms. Once they gain access, they may attempt to submit fraudulent information update requests to employee banking details, or make unauthorised changes to employee accounts.

SimplePay's systems are secure – our database is completely isolated, and all passwords are stored with irreversible encryption. Accounts can be compromised, however, when users' passwords are stolen from external platforms.

Recommendations

To reduce the risk of fraudulent account activity:

  • Make 2-Factor Authentication (2FA) mandatory for all users on your account. More information is available here.
  • Ask all users to reset their passwords to strong, unique ones that are not reused on other systems.

Review and verify any information update requests directly with employees before approving them. Also, encourage your employees to report any unexpected or suspicious notifications to you immediately.

Additionally, double-check employee details. This can be done in the following ways:

  • When you finalise payslips in bulk, the system displays a pre-finalisation page that shows you which employees have had their account details changed, if any.
  • When finalising payslips individually, you can view any recent changes under employees' Recent Activity.
  • The Employee Changes report shows all employee record changes across your account.

Users on your account should set complex passwords, avoid reusing passwords across systems or reusing previous passwords, and reset passwords periodically.