Read more about the current Greenbook proposals. ...
This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.
The IRS has urged employers to notify their payroll department of a W-2 phishing scam that affected hundreds of organizations—and hundreds of thousands of their employees—last year. Targets of the scam include small and large businesses, public schools, universities and charities. The IRS hopes to prevent the scam by educating employers and, for those affected by the scam, by providing measures to mitigate its success.
In the scam, cybercriminals research the organization and identify persons of authority (e.g., the Chief Operating Officer in a business). They then use a technique known as business email spoofing to impersonate that individual in email correspondence. In many cases, the perpetrator will begin with a seemingly innocent email, asking if the employee is working today. Thereafter, they will request Form W-2 information for all employees and, if that is received, ask for a wire transfer. The cybercriminal will use the W-2 information to file fraudulent tax returns or place it for sale on the Dark Net.
In addition to educating employers to prevent the scam, the IRS urges businesses to have effective controls in place around the release of private information. For example, businesses should limit the number of employees who can respond to W-2 requests and, when such a request is made, require additional verification from the requestor (such as a telephone call) before sending the W-2.
Unfortunately, many employers do not realize they are victims of the scam until days, weeks or months after it is effectuated. By this time, damage may have occurred. For this reason, employers should timely notify the IRS upon learning they are victims of the scam. Specifically, employers should:
Likewise, victims, or attempted victims, of the scam should send the full email header to “[email protected]” with “W2 Scam” in the subject line.
This is merely one of the many cybersecurity threats employers face. The nature and complexity of these attacks continues to evolve, becoming increasingly more difficult to detect. If you have questions about effective cybersecurity, do not hesitate to contact our office.
Read more about the current Greenbook proposals. ...
Learn more about the regional and national supply chain implications of the Baltimore Key Bridge collapse. ...
We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.
Ask us
[email protected]
p:412.261.3644
f:412.261.4876
[email protected]
p:614.621.4060
f:614.621.4062
[email protected]
p:571.380.9003