Nonprofit Schools, Hospitals, and Tribal Casinos Are New Targets of Dangerous W-2 Phishing Scam (IR-2017-20)
Payroll/HR Department receiving email from CEO/CFO requesting list of all employees’ W-2s probably is new W-2 phishing.
Cyber criminals are using various spoofing techniques to disguise an email to make it appear as if it is from an organization executive to an employee in the payroll or human resources department requesting a list of all employees and their Forms W-2. This W-2 scam, which first appeared last year, is circulating to a broader cross-section of organizations, including school districts, tribal casinos, chain restaurants, temporary staffing agencies, healthcare providers, and shipping and freight companies. In the latest twist, the cyber criminal follows up with an “executive” email to the payroll department or the comptroller asking that a wire transfer also be made to a certain account. Some companies have lost both employees' W-2s and thousands of dollars due to fraudulent wire transfers.
Tax practitioner note. Please share this information with your payroll, finance, and human resource employees and consider creating an internal policy, if one is lacking, on the distribution of employee W-2 information and processing wire transfers.
If you receive this W-2 email scam, please forward it to firstname.lastname@example.org and place “W2 Scam” in the subject line.
Organizations that receive these scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3), operated by the Federal Bureau of Investigation. Employees whose Forms W-2 have been stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft. The W-2 scam is just one of several new variations that have
appeared in the past year that focuses on the large-scale thefts of sensitive tax information from tax preparers, businesses, and payroll companies.
Tax practitioner note.
Tax preparers should also be leery of using search engines to find technical help with taxes or tax software. Selecting the wrong tech support link could lead to a loss of data or an infected computer. Software tech support will not call users randomly. This is just one more scam in the never-ending parade of cyber crook scams meant to steal financial information.