Cyber Security Alert: W-2 Phishing Scams

Reading Time: 2 minutes

W-2 Phishing Scams Target Payroll Departments in Pursuit of Employee Data

Don’t rush through your unread emails this tax season. Sophisticated W-2 phishing scams are likely to hit your inbox soon.

For several years now, cyber criminals have successfully used sophisticated social engineering tactics to dupe hundreds of payroll and HR departments into providing W-2 data on their employees, which results in the filing of fraudulent tax returns, identity theft cases, and even class-action lawsuits against the company.

Who’s Targeted: Payroll & HR Departments; Accounting Firms & CPAs

Who’s Sending: Sophisticated, career cyber criminals interested in profiting through the sale of bulk W-2 and identity information

The Consequences: Fraudulent tax returns, identity theft, class-action lawsuits

Successful attacks are incredibly disruptive to employees, extremely expensive for employers—and completely avoidable with awareness training.

What to Look Out For

The typical W-2 phishing email is spoofed to look like it is from a high-level executive and asks the employee to provide W-2 or other tax-related information either by replying to the phishing email, by sending the information to another email address, or to upload it to a server owned by the bad guys.

In many instances, the request for the information comes with a high sense of urgency, which compels the employee to act quickly. Plus, the appearance of the emails are designed to be replicas of legitimate emails from the executive and often contain the actual signature block.

Urgency coupled with the appearance of authenticity often cause the recipient to act without second thought.

How to Keep Your Employees from Falling for W-2 Scams

Warn your employees to “Think Before They Click” and to follow proper procedure—especiallywhen the email contains a strange request and appears to be from the CEO.

Inoculate Your Employees With Security Awareness Training

Corsica Technologies provides simulated phishing and online security awareness training to businesses seeking to bolster their security through employee education. If you’re already a Security Awareness Training customer, you have access to ready-to-send W-2 phishing templates similar to the one below to train employees with access to employee W-2 information.

What To Do If Your Company Receives a W-2 Phishing Email

Do: Forward the email to phishing@irs.gov and place “W2 Scam” in the subject line

Don’t: Reply or forward the email to other employees or executives

Organizations that receive the scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3,) operated by the FBI.

Employees whose Forms W-2 have been stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft.

Employees should file a Form 14039 (PDF) Identity Theft Affidavit, if the employee’s own tax return rejects because of a duplicate Social Security number or if instructed to do so by the IRS. As a rule of thumb, file your taxes quickly.

Interested in preparing your employees for sophisticated phishing attempts? Email us and ask us about a demo of our simulated phishing tool. 

Related Reads

Get 10 tips for a successful digital transformation

10 Tips for a Successful Digital Transformation

Companies that don’t embrace new technologies to help them work faster and smarter will fall behind the competition and ultimately fail. Digital transformation is required in the new world of business to improve efficiency, connectivity, security, and data insights. Digitization

Read More
Outsourcing Cybersecurity Management Makes Sense

Outsourcing Cybersecurity Management Makes Sense

As cybersecurity becomes more complex, more companies are outsourcing those needs. However, some executives have reservations about handing over control. Here’s a deeper dive into the considerations and benefits of outsourcing your cybersecurity to a Managed Security Service Provider (MSSP). 

Read More

Get the latest insights delivered to your inbox