Toll-Free 

855.411.EDTS (3387)


Augusta, GA

706.722.6604


Greenville, SC

864.250.9112


Columbia, SC

803.250.4656


Asheville, NC

828.318.0916


Savannah, GA

912.421.7700

Posted by Delano Collins on 2/27/18 8:23 AM
Delano Collins

W-2 Phishing Scams Target Payroll Departments in Pursuit of Employee Data

Don’t rush through your unread emails this tax season. Sophisticated W-2 phishing scams are likely to hit your inbox soon.

For several years now, cyber criminals have successfully used sophisticated social engineering tactics to dupe hundreds of payroll and HR departments into providing W-2 data on their employees, which results in the filing of fraudulent tax returns, identity theft cases, and even class-action lawsuits against the company.

w-2 scam alert image 1.png

Who’s Targeted: Payroll & HR Departments; Accounting Firms & CPAs

Who’s Sending: Sophisticated, career cyber criminals interested in profiting through the sale of bulk W-2 and identity information

The Consequences: Fraudulent tax returns, identity theft, class-action lawsuits

Successful attacks are incredibly disruptive to employees, extremely expensive for employers—and completely avoidable with awareness training.

What to Look Out For

The typical W-2 phishing email is spoofed to look like it is from a high-level executive and asks the employee to provide W-2 or other tax-related information either by replying to the phishing email, by sending the information to another email address, or to upload it to a server owned by the bad guys.

Phishing Example 16.png

In many instances, the request for the information comes with a high sense of urgency, which compels the employee to act quickly. Plus, the appearance of the emails are designed to be replicas of legitimate emails from the executive and often contain the actual signature block.

Urgency coupled with the appearance of authenticity often cause the recipient to act without second thought.

How to Keep Your Employees from Falling for W-2 Scams

Warn your employees to "Think Before They Click" and to follow proper procedure—especially when the email contains a strange request and appears to be from the CEO.

Inoculate Your Employees With Security Awareness Training

EDTS provides simulated phishing and online security awareness training to businesses seeking to bolster their security through employee education. If you’re already a Security Awareness Training customer, you have access to ready-to-send W-2 phishing templates similar to the one below to train employees with access to employee W-2 information.

CEO_Fraud_Screen_Shot.png

 

If Your Company Receives a W-2 Phishing Email

Do: Forward the email to phishing@irs.gov and place “W2 Scam” in the subject line

Don’t: Reply or forward the email to other employees or executives

Organizations that receive the scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3,) operated by the FBI.

Employees whose Forms W-2 have been stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft.

Employees should file a Form 14039 (PDF) Identity Theft Affidavit, if the employee’s own tax return rejects because of a duplicate Social Security number or if instructed to do so by the IRS. As a rule of thumb, file your taxes quickly.

Interested in preparing your employees for sophisticated phishing attempts? Email us and ask us about a demo of our simulated phishing tool. 

 

Topics: Security Alerts, Phishing, Cyber Security Tips, Most Popular