The IRS released an alert last week warning businesses about a phishing scam involving fraudulent requests for W2 information. Business owners, payroll employees, and Human Resources staff should be particularly cautious during this tax season.
How it Works
The emails come from a cyber-criminal impersonating the CEO or other senior executive and uses an email address that appears legitimate for the executive.
The emails are sent to someone in payroll or human resources requesting copies of employees’ W2s or other employee personal identification information of such as names, addresses, social security numbers and pay information.
If the information is sent, the cyber-criminal files tax returns requesting refunds from the IRS. They may use the information for other illegal gains as well.
Businesses of any size can be targets of these attacks. Businesses can reduce the chance of being victimized by taking preventive steps.
- Provide awareness education to your payroll and human resources staff regarding the scam.
- Develop a way to authenticate any employee information requests within your company. It can be as simple as requiring your staff to call the executive to confirm such requests or include a pass phrase within legitimate requests.
- Have executives only request confidential information via their designated company email addresses. Have a cyber security specialist set email filters to stop any other email addresses with the executives’ names.
If you are a victim, check out the information on the IRS site for businesses listed below.
For more information on how to protect your small business or nonprofit organization from threats consider NCI Small Business and Nonprofit Training. For dates and locations click here.
IRS (2016, March 1). IRS Alerts Payroll and HR Professionals to Phishing Scheme Involving W-2s. Retrieved from https://www.irs.gov/uac/Newsroom/IRS-Alerts-Payroll-and-HR-Professionals-to-Phishing-Scheme-Involving-W2s
IRS (n.d.). Has your Business Become the Victim of a Data Breach?. Retrieved from https://www.irs.gov/Individuals/Has-your-business-become-the-victim-of-a-data-security-breach%3F