The US tax filing deadline is now less than a month-and-a-half away, and tax-themed phishing is trending up. Compromised or spoofed emails purporting to be from a company executive are received by the human resources department. Those emails request W2 information.
That’s simply the lead-in to the scam’s ultimate goals, which are usually one of the following: either collection of personal information on employees, fraudulent wire transfers of company funds, or both! The emails asking for W2 information often contain the wire transfer request.
It follows that training against the kind of social engineering common in business email compromise (BEC) is valuable here as well. HR personnel should be unusually vigilant for phishing attempts during tax season. Here’s the FBI advisory: https://www.ic3.gov/media/2018/180221.aspx
AUSTIN (KXAN) — The W-2s of workers of two Central Texas employers were compromised in two separate phishing scams.
The Austin Diagnostic Clinic Association reported the 2017 W-2 and address information of employees were compromised on Feb. 27, thanks to an email attack. Patient information was not affected, according to Bob Presley, a compliance officer at ADCA.
“Based on the information we currently have, the only information that was compromised was that which is contained in a W-2 form and address information; there was no compromise of patient health information,” Presley said.
Separately, Rockdale Independent School District fell victim to a similar scam, in which all of its W-2s were also compromised.
Both groups reported the incidents to law enforcement and the IRS, and they are working with employees to get credit protection for those who were affected.
Last year, the IRS says more than 200 employers fell victim to the phishing scam, which translated into hundreds of thousands of employees who had their information compromised. The IRS says the Form W-2 scam has emerged as one of the most dangerous phishing emails in the tax community. More at: http://kxan.com/2018/03/02/two-central-texas-employers-fall-for-w-2-email-phishing-scam/amp/
CEO Fraud Prevention Manual Download
CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This brand-new manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.
PS: Don’t like to click on redirected buttons? Copy and paste this link in your browser:
Based Blockchain Network