W-2 phishing scams are again threatening business owners. All business owners and their employees should be on the alert for cybercriminals attempting to steal W-2 and other sensitive personal information through a phishing scam. W-2 phishing scams made victims of hundreds of organizations and thousands of employees in the last couple of years, and are again emerging as one of the most dangerous phishing email scams.

How do they do it?

Cybercriminals will seek to obtain copies of W-2s or other personal information by sending an email to staff, impersonating someone in authority within a company or school community and making an urgent request for sensitive data. These smart criminals are really doing their homework to identify who the authority figures are in an organization. They do this by using a technique known as business email compromise (BEC) or business email spoofing (BES). On the surface, it looks like they are using the email addresses of the CEO, CFO, or school executives to send fraudulent emails requesting copies of W-2s. Because these emails appear to come from authority figures in the organization, they instill trust in employees and a fear of not complying, because no one wants to tell the boss no. These criminals then take this information and use it to file fraudulent tax returns, or post it for sale on the internet.

What's the solution?

The single solution to the problem is increasing awareness and making sure employees are comfortable asking executives about suspicious email requests. Companies should educate their staff about the possibility that they may receive phony emails asking for W-2s or other sensitive information. Employees should be empowered to ask questions and require more information before they comply with requests for personal information.

Another tip: stay on the alert for phony bank confirmations related to home mortgages.

What should you do if you fall victim?

If the business organization notifies the IRS, the agency can take steps to prevent employees from falling victim to tax-related identity theft. The IRS has established special email notification addresses for employers to report Form W-2 data thefts or suspicious attempts by fraudsters to get information from companies. Employers can learn more at the IRS website.

You can always contact our Cybersecurity Team if you have questions.