top of page

KAPPA TECHNOLOGY BLOG 

Diana Strader

TAX SEASON COULD BRING NEW SURGE IN PHISHING SCHEME


The Internal Revenue Service, state tax agencies and the tax industry today urged all employers to educate their payroll personnel about a Form W-2 phishing scam that made victims of hundreds of organizations and thousands of employees last year. The Form W-2 scam has emerged as one of the most dangerous phishing emails in the tax community.

HERE IS HOW IT WORKS:

Cyber criminals do their homework, identifying chief operating officers, school executives or others in positions of authority. Using a technique known as business email compromise (BEC) or business email spoofing (BES), fraudsters posing as executives send emails to payroll personnel requesting copies of Forms W-2 for all employees.

The Form W-2 contains the employee’s name, address, Social Security number, income and withholdings. Criminals use that information to file fraudulent tax returns, or they post it for sale on the Dark Net.

The initial email may be a friendly, “hi, are you working today” exchange before the fraudster asks for all Form W-2 information. In several reported cases, after the fraudsters acquired the workforce information, they immediately followed that up with a request for a wire transfer.

HERE IS THE BOTTOM-LINE:

Stay vigilant, if you receive an email from someone requesting W-2's, whether you know them or not, DO NOT send them. Pick-up the phone, call them and ask them if they sent the request. Do not email them and ask them if they sent the W-2 request, if the hacker has access to their email, they will answer YES! (Side note: sending W-2's through email is not best security practice, we suggest never sending this confidential information through email.)

Below is a video to help you better understand how to identify malicious emails.

HOW TO IDENTIFY MALICIOUS EMAIL

bottom of page