This W-2 Phishing Scam is Making Its Round for the Second Year
The IRS is warning businesses to stay alert and informed in the face of potential fraud, as a popular W-2 phishing scam that first reared its ugly head last year is re-circulating this tax season. All businesses should be on the lookout, as the scam has expanded from targeting for-profit corporations to targeting school districts tribal organizations, and nonprofits, making all businesses more vulnerable.
Scammers are successfully impersonating company executives in an email identity-theft scheme that requests sensitive employee information from payroll or human resources departments, such as W-2 forms. The email is sent from an address that appears to be from the executive’s company email address, and uses the name of a senior company official to request information, typically like this:
- “Kindly send me the individual 2016 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
- “Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).”
- “I want you to send me the list of W-2 copy of employees’ wage and tax statement for 2016, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.”
Once the cybercriminals are given access to employee names, SSNs, and income information, they impersonate taxpayers and attempt to file fraudulent tax returns for tax refunds.
“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,” said IRS Commissioner John Koskinen.
And it gets worse. According to the IRS, once scammers fool personnel into relinquishing employees’ personal details, there’s a second part to the scam — they will request a wire transfer of funds to a specific bank account under the guise of using the money to cover payroll or other company bills.
In order to protect businesses from tax-related identity theft, the IRS, state tax agencies, and tax industry partners are urging employers to educate their payroll, finance, and human resources employees about these scams. If you’ve received one of these scam emails, forward it to email@example.com with “W2 Scam” in the subject line, and file a complaint with the Internet Crime Complaint Center (IC3), operated by the Federal Bureau of Investigation.