Fraud, Cyber & Security Smarts: Protecting Your Cannabis Payroll

Fraud doesn’t just happen to “other companies.” Even in cannabis, where you already fight uphill battles with compliance and banking, payroll fraud is one of the most common—and costly—threats. The good news? You’re already with Paragon Payroll, which means you’ve got strong fraud-prevention systems built in. But that doesn’t mean fraudsters stop trying.

This guide is for you—our clients—to help you spot the warning signs early and stay one step ahead.

The Most Common Cannabis Payroll Fraud Schemes

Payroll Diversion (Phishing/Pharming)
Fraudsters send emails that look like they come from payroll, asking for login details or direct deposit updates. One click and they’re rerouting employee paychecks.

Ghost Employees
Fake hires, “forgotten” seasonal workers, or terminated employees who never lost system access. Suddenly, money’s leaving your payroll for people who don’t exist.

Compromised Emails
Attackers impersonate employees or managers: “Please update my bank account ASAP.” Without verification, their paycheck is gone.

Red Flags to Watch Out For

• Payroll totals spike unexpectedly (not tied to harvest, new store openings, or planned hires).

• New hires or contractors added outside of normal onboarding.

• Duplicate names, addresses, SSNs, or bank details in payroll.

• Multiple employees tied to the same routing number.

• Logins happening at odd hours or from strange locations.

Cannabis-Specific Examples

• A cultivator in Colorado lost nearly $20,000 after a “ghost trimmer” stayed on payroll months after harvest.

• A dispensary in Michigan discovered two “employees” shared the same bank account—belonging to a former manager who had insider access.

• A California edibles manufacturer fell victim to phishing when an attacker posed as HR, asking budtenders to “confirm payroll info.” Several handed over SSNs before the fraud was caught.

How Paragon + You Work Together to Stop Fraud

We’ve built fraud prevention into your payroll, but these steps will help keep your side secure:

• Use MFA + Passkeys: If you’re still using passwords alone, upgrade ASAP.

• Segregate Duties: Make sure the same person isn’t entering and approving payroll.

• Audit Monthly: Compare payroll against your roster regularly.

• Train Your Team: Share phishing examples so they know what to ignore.

• Shut Down Access Fast: Off-board terminated employees immediately.

• Keep Payroll Devices Clean: Payroll should run on secure devices, not the same ones used for browsing or social media.

What To Do If Something Looks Off

1. Pause payroll activity.

2. Contact your Paragon Payroll rep right away.

3. Gather details (who, what, when) so we can investigate.

4. Notify any impacted employees if needed.

5. Reset, retrain, and reinforce controls moving forward.

Our Commitment

We know how much you already juggle—keeping your team paid, staying compliant, and building your business in an industry that never takes it easy on you. Payroll fraud adds a risk you shouldn’t have to face alone.

That’s why we’re committed to:

• Running anomaly detection behind the scenes.

• Helping you implement the strongest security tools.

• Responding immediately if you suspect fraud.

You’ve trusted us with your payroll. We take protecting it personally.

Next Step for You
If you notice anything unusual—no matter how small—reach out to us. Fraud prevention works best when it’s a partnership. Together, we’ll keep your payroll safe, your employees protected, and your business running smoothly.