When taxes come due, cyber criminals are in full bloom, scamming businesses out of their W2 employee information. Starting in 2016, the scams became bolder and gullible companies sent thousands of dollars to criminals to pay for W2 withholding shortages.
W2 Scams are Not New
The original phishing scams were designed to have companies release W2 information on employees to those operating the phishing scheme. Unwitting participants respond to a spoofed email from a high executive to the Human Resources Department or the Payroll Department. The bogus email looks and sounds real with and the fake official sending a message along the following lines:
Once the cyber-criminal has the information, he or she can use the information to file a phony tax return and get a tax refund mailed to them.
Also, the information is detailed and often includes the employee’s
This information makes stealing an employee’s identity a simple task. While this has been a profitable operation for cyber-criminals, in 2016 and early 2017, a new wrinkle developed.
What Else Could a Cyber-Criminal Want?
So, stealing a false tax refund and stealing an employee’s identity was not as profitable as some cyber-criminals believed it could be. The new wrinkle was to direct an executive from the company who first provided the thief with W2 information, a request from the same fake official (using a legitimate name and apparently legit business email address) a directive to a colleague with bank account access to wire company funds to a numbered account so that the funds can be used to correct “withholding mistakes.” It seems that the criminals ask for an amount of money that doesn’t raise eyebrows. For small companies, it may be a few hundred dollars and for larger companies many thousands of dollars. All in all, this W2 scam if very profitable. As with all things that are profitable, more people want to get some of the action.
IRS Commissioner John Koskinen said:
“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme.’’
In fact, for the first month of 2017, 29,000 taxpayers reported being victims of this scheme. As a result, the IRS renewed its frequent warnings about the W2 scam. The IRS suggests that companies be on the lookout for any unusual requests for W2 Employee information and confirm by phone that the alleged executive actually requested the information.
For more information on how to avoid these scams contact Interplay today. We are an experienced provider of IT security and other IT managed services. We can be reached at (206) 329-6600 or support@interplayIT.com.