Tax authorities warn employers again this year about a W-2 phishing scam that victimized organizations — and thousands of employees — last year.
During the last two tax seasons, cyber-crooks conned payroll personnel or those with access to payroll information into disclosing sensitive information for entire workforces from small and large businesses to public schools and universities, hospitals, tribal governments and charities.
Cybercriminals pinpoint chief operating officer, school executives or others in authority. Fraudsters pose as execs to e-mail payroll personnel, requesting copies of W-2s for all employees. Criminals use that information to file fake returns or sell it on the Dark Net. The scam may open with a friendly exchange before the fraudster asks for W-2 information. In several cases, fraudsters who acquired the information immediately followed up with a request for a wire transfer.
Reports of this scam jumped to some 900 in 2017, compared with slightly more than 100 in 2016. Last year, more than 200 employers were victimized.
The Internal Revenue Service and its Security Summit partners are urging employers to consider a policy to limit the number of employees who can handle W-2 requests and require additional verification procedures. If victims notify the IRS, the agency can also help protect employees from tax-related ID theft. It can also take weeks for businesses and organizations to realize they’ve been scammed.
Employers can report W-2 data thefts to email@example.com. They should type “W2 Data Loss” in the subject line, attach no employee personally identifiable information, and include:
- The business name and EIN associated with the data loss;
- A contact name and phone number;
- A summary of how the data loss occurred; and,
- The volume of employees impacted.
Businesses and organizations that fall victim to the scam or that only receive a suspect email can send the full e-mail headers to firstname.lastname@example.org, using “W2 Scam” in the subject line.
Register or login for access to this item and much more
All Accounting Today content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access