The IRS warns the nation’s business about a growing W-2 email scam that threatens sensitive tax information held by employers. Cybercriminals are constantly evolving. W-2 scams have emerged as one of the most dangerous and successful types of phishing attacks. Hundreds of employers and tens of thousands of employees fell victim to the scheme in the past year. All employers are at risk. In 2017, the W-2 scam made victims of businesses large and small. The scam, which grows larger each year, will likely make the rounds again in 2018.
These criminals – many of them sophisticated, organized syndicates – are redoubling their efforts to gather personal data to file fraudulent federal and state income tax returns. Employers need to beware of the schemes and educate employees. Successful inroads have been made to stop stolen identity refund fraud, and criminals now need more information to file a fraudulent return. Criminal are now targeting employers to get the accurate data about taxpayers. The W-2 form contains income and withholding information necessary to file a tax return.
Business email compromise or business email spoofing are scam emails that are designed to trick businesses into thinking these are official communications from the IRS or others in your organization. Cybercriminals use various spoofing techniques to disguise an email to make it appear as if it is from an organization executive. Cybercriminals also create false IRS web sites and IRS impersonation emails. These unsolicited emails or a fake website poses as legitimate sites. These sites may ask for information or they may carry malware, which can infect computers and allow criminals to access your files or track your keystrokes to gain information.
The criminal will send an email to one employee with payroll access, requesting a list of all employees and their W-2 forms. The thief may even specify the format in which he wants the information. The subject line has hundreds of variations along the lines of “review,” “manual review” or “request.” Because payroll officials believe they are corresponding with an executive, or the IRS it may take weeks for someone to realize a data theft has occurred.
Cybercriminals who successfully steal W-2 forms immediately attempt to monetize their thefts. Generally, the criminals quickly file fraudulent tax returns within a day or two. They also sell the data on the Internet’s black-market sites to others who file fraudulent tax returns or use the names and SSNs to create other crimes.
IRS has created avenues for businesses to report if they lost data to this scam or if they received the email without falling victim. If notified quickly after the loss, the IRS may be able to take steps that help protect your employees from tax-related identity theft. Businesses should urge employees, and customers to protect their data and beware of phishing emails, the most common tactic used by criminals to steal data.
Payroll Data Processing is committed to protecting you from identity theft. Combat identity theft refund fraud to protect the nation’s taxpayers with our help. Payroll Data Processing employs professionals who keep your information safe from cybercriminals.