Phishing scheme requests Form W-2 and other confidential employee information

By Sally P. Schreiber, J.D.

Payroll and human resources departments should beware of an email phishing scheme in which cybercriminals pose as company executives (including CEOs) and ask for confidential employee information, such as Forms W-2, Wage and Tax Statement, and employees’ Social Security numbers, address, date of birth, and salary, the IRS warned on Tuesday. Once this information has been stolen, it can be used to commit a number of crimes, including filing fraudulent tax returns to obtain refunds.

“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,” IRS Commissioner John Koskinen said in a prepared statement. The fraudulent emails use what is called “spoofing,” which makes it appear the messages are from company executives, and often contain the name of the company’s CEO. Payroll departments are warned not to respond to these emails without being sure of who they are sending this information to.

The IRS says its Criminal Investigation division is reviewing several cases in which this latest variation on phishing has tricked people into supplying confidential employee information to cybercriminals.

The IRS recently reported detecting a 400% surge in email phishing schemes and malware attacks this tax season. It reminded taxpayers to be vigilant in protecting their personal information. Phishing schemes recently made the IRS’s annual “dirty dozen” list of top tax scams (see prior coverage here).

Sally P. Schreiber (sschreiber@aicpa.org) is a JofA senior editor. 

SPONSORED WHITE PAPER

Preparing the statement of cash flows

This instructive white paper outlines common pitfalls in the preparation of the statement of cash flows, resources to minimize these risks, and four critical skills your staff will need as you approach necessary changes to the process.

RESOURCES

Keeping you informed and prepared amid the COVID-19 crisis

We’re gathering the latest news stories along with relevant columns, tips, podcasts, and videos on this page, along with curated items from our archives to help with uncertainty and disruption.