How Do Scammers Use Fake Job Offers to Get Access to Your Bank Account?

By The Penny Plan Editorial Team Published July 13, 2026 6 min read

An offer letter arrives, the pay looks reasonable, and then a “payroll setup” request shows up asking for more than the usual banking details. It’s a step most new hires don’t question, since sharing account information for direct deposit is genuinely a normal part of starting a job.

The short answer

Fake job offers generally aim to get access to a bank account through a handful of repeated tactics: asking for full online banking login credentials instead of just routing and account numbers, requesting remote access to a computer to “help set up” payroll or equipment, or using a fraudulent check to create a short window where money can be drained before the fraud is caught. The common thread across all of these is that they ask for more access, or more trust, than a real employer’s onboarding process actually requires.

Why routing and account numbers alone aren’t a real risk

It’s worth separating what’s genuinely normal from what isn’t. Providing a routing number and account number for direct deposit is standard practice everywhere, and that information alone doesn’t allow anyone to log into an account or move money out of it; it only allows deposits to be made in. The tactics that actually create risk go well beyond that basic, standard request.

The tactics that actually create access

Why the fake check version is especially damaging

Because a bank can make deposited funds available before a check is actually confirmed as good, a person can end up spending or forwarding money that later turns out not to exist. If part of that money was wired or sent back per instructions, that kind of request to return funds quickly is a recognizable pattern in its own right, and the account holder is typically the one left responsible for repaying the bank once the check is discovered to be fraudulent.

What tends to distinguish a real onboarding process

A legitimate employer’s payroll and IT setup generally happens through secured, internal company systems, not through remote-access software installed by the employee, personal login sharing, or checks mailed directly to an individual with instructions attached. Verifying that a company and its hiring process are real before sharing any financial information is generally a more reliable safeguard than trying to evaluate each individual request as it comes up, since a convincing fake employer can make almost any single step look ordinary in isolation.

Worth remembering

Direct deposit information alone isn’t the vulnerability in most fake job offer schemes; the actual access comes from credentials, remote control of a device, or money movement set in motion by a fraudulent check. Recognizing which requests go beyond standard onboarding is generally the clearest way to catch the pattern before any real access is gained.