Scammers Expanding Their W-2 Phishing Effort
Identity thieves are widening their email scams in the latest attempt to steal personal and financial information. The Internal Revenue Service, state tax agencies and tax professionals have issued an urgent alert that the scammers are now targeting school districts, businesses (such as chain restaurants), tribal organizations and nonprofits.
Here’s how it works: Scammers use various techniques to disguise (or “spoof”) an email as appearing to be from an organization executive. The email is sent to someone in the payroll or human resources department, requesting a list of all employees and their Forms W-2. This scenario is sometimes referred to as Business Email Compromise (BEC) or Business Email Spoofing (BES).
In this latest version of the scam, the scammer follows up with an “executive” email to the payroll department or comptroller and asks that a wire transfer also be made to a certain account. Although this new twist isn’t tax-related, the wire transfer hoax is being coupled with the W-2 scam email, meaning some companies have lost both employees’ W-2 information and thousands of dollars to the two schemes.
Who’s Affected
The W-2 scam, which first appeared last year, is circulating earlier in the tax season and to a broader cross-section of organizations, including school districts, tribal casinos, chain restaurants, temporary staffing agencies, health care and shipping-and-freight companies. Businesses that received the scam email last year also are reportedly receiving it again this year.
The IRS, states and members of the income tax industry are urging all employers to share information with their payroll and human resources employees about both the W-2 and wire transfer scams. If there’s not one already in place, employers should consider creating an internal policy on the distribution of W-2 information and the use of wire transfers.
Be Safe Online
In addition to avoiding email scams, taxpayers and tax preparers should be leery of using search engines to find technical help with taxes or tax software. Selecting the wrong “tech support” link could lead to a loss of data or an infected computer. Also, software “tech support” will not call users randomly. This is a scam.
Any business or organization that receives a W-2 scam email should forward it to phishing@irs.gov, with “W2 Scam” in the subject line. If a company believes it fell victim to either of the scams, it should file a complaint with the Internet Crime Complaint Center (IC3), which is operated by the Federal Bureau of Investigation.
Employees whose Forms W-2 have been stolen should review the recommended actions from the Federal Trade Commission at www.identitytheft.gov or from the IRS at www.irs.gov/identitytheft.
A final word of caution to tax professionals: Everyone in the income tax industry should beware of ongoing scams aimed at obtaining your e-Services logins and passwords. Identity thieves are taking advantage of the IRS effort to make e-Services more secure, by sending emails asking e-Services users to “update their accounts.” In fact, these scam emails seek to steal your credentials in order to access your accounts.