Cybercriminals continue to send fraudulent, “phishing” emails to payroll and human resource employees, making it appear as if the email is from one of the organization’s executives and asking for tax-related employee information. The IRS is offering guidance for those affected, whether directly or indirectly, by the scam.
The emails being sent request a list of all employees and their Form W-2s. Once the criminals have an employee’s W-2, they file a tax return and request a refund or sell the information on the dark web. Read more on the scam’s details in our previous post: “New Tax ID Phishing Scam Targets Corporations, Schools and Nonprofits.”
The IRS knows time is critical if an employer falls victim. In response to this particular scheme, the IRS has:
- Created ways employers can report data lost,
- Compiled information that should be communicated to employees if their information was stolen, and
- Created a way to report one of these emails if you received it but did not actually fall victim and provide the information requested.
The IRS is working diligently to stay on top of the techniques cybercriminals are using to fraudulently obtain taxpayer information and provide this information to employers. Employers can do their part by being aware of the scam and putting in place internal policies that safeguard both the distribution of employee W-2s and associated information. Read the IRS resources page related to this phishing scheme, including information on how to report lost data or emails received.
Cohen & Company is not rendering legal, accounting or other professional advice. Any action taken based on information in this blog should be taken only after a detailed review of the specific facts and circumstances.