Fraud has always been a risk within the staffing industry. However, it seems that more recently, fraudsters have gotten increasingly more prevalent and cunning in their attempts. It’s a never-ending risk that staffing companies must navigate. It’s critical to stay abreast of the latest fraud attempts and what you can do to protect your staffing company.

In our last newsletter article, Protect Your Staffing Company from the Rising Threat of Fraud, we specifically examined payroll fraud that we have seen first-hand. Thankfully we were able to help several of our clients avoid losses, however others weren’t so lucky.

In this article, we’ll examine three other types of fraud and ways you can help mitigate the risk. Specifically, we’ll be looking at “The Bait and Switch,” “The Man in the Middle,” and “The Trade Dress Grifter.” 

We felt that one of the top presentations at the 2025 ASA Staffing Law & Compliance Conference this past May was the session entitled, “The Threat is Real: Combatting Fraud in the Staffing Industry.” The experts presenting this information were Evan Fenaroli, VP Management and Professional Liability, Philadelphia Insurance Cos.; Kerri-Ann Griggs, Esq., Partner, Alson & Brid; and Ariel Zion, Esq., Chief Legal Officer, Insight Global.

They focused on four different types of fraud. We covered The Payroll Scheme in our last newsletter. In this article, we’ll take a closer look at the other three types.

The first type of fraud we’ll examine is called the “Bait and Switch.” While that name may sound familiar, how it applies to the staffing industry is somewhat new.

A staffing company may interview dozens of potential employees to fill assignments. The Bait and Switch occurs when one person interviews for the role, but another shows up for the assignment. This can be even trickier to catch since assignments in staffing are at customer sites. Typically, candidates that do this use a stand in for the interview because they’re unqualified for the position for which they’re applying.

To mitigate this type of fraud, try to have in-person interviews whenever possible. If doing virtual interviews, require that cameras remain on at all times. It’s also important to continue your verification process after the interview, including looking for photo verification of the individual online through social media or LinkedIn. You can also require that any training or onboarding be conducted in person.

The second type of fraud discussed during the presentation was “The Man in the Middle.” We’ve seen this one in action more than once. You receive an email that appears to be from a vendor, customer, or employee/consultant asking for a change in bank account information. The person making the request is not authorized to make that change and is doing so to divert funds to an account where, once the money is received, it is quickly transferred out so that the funds cannot be recalled.

To avoid falling prey to this scheme, train all your staff in payroll, human resources, and accounts payable to separately verify requests independently of the original request. Call back directly to the number you have on file for the individual purporting to make the request.

TRICOM will individually call back the owner of a business to verify the request and then send a DocuSign form to make the change to their business account. DocuSign will go through steps to verify the client’s identity. This process has saved clients from countless attempts to divert funds to fraudulent accounts. 

“The Trade Dress Grifter” is the third type of fraud that was addressed in the presentation. This is when an individual or company will pose as your company and take advantage of your brand or goodwill in the industry to defraud unknowing candidates. For example, they may try to send your customers fraudulent invoices in your name. The email address may look like it comes from your company, and they may even have your company name appear on caller ID or set up a fake company website or social media pages.

It can be hard to know if someone is using your company name. It may require hiring a private detective to track down unlawful use, or you may need to add disclosures to your website. Do periodic google searches or use google alerts for your company name to make sure no other websites other than your own company site comes up. Educate your employees to keep an eye out, as well by helping them to identify phishing emails and fake profiles. If you do identify someone using your company name, let your customers know so they can avoid falling victim to the scammer. It’s important to alert the authorities, including your local police and The Federal Trade Commission.

One way to reduce your losses from fraud is through cyber insurance. Since there are so many different types of fraud, it is critical for you to understand your options and your coverage. Coverage for data-related incidents may include breach response, cyber extortion, business interruption or income loss, and data restoration. You can also have coverage for invoice manipulation. However, not all types of fraud are automatically included. For example, computer fraud, funds transfer fraud and social engineering or fraudulent impersonation may require a specifically request that it be added.

Unfortunately, fraudsters are ever-diligent in their attempts to do harm. As with all aspects of your business, it’s important to stay attentive, follow your procedures, and trust your instincts if something doesn’t seem right.