IRS to businesses: Beware phishing scams targeting employee W-2s

The Internal Revenue Service warned businesses to watch out for phishing scams seeking employee W-2 forms, according to CBS News.

In a W-2 scam, a cyberattacker sends an email to payroll or human resource departments while posing as one of the target organization's executives. The cyberattacker then asks for a set of employees' W-2 forms, which include identifying information such as Social Security numbers.

Roughly 200 businesses, public schools, universities, Native American governments and nonprofits were hit by W-2 scams during the most recent tax filing season, according to the government. In 2016, the government identified roughly 50 W-2 scams, according to CBS News.

To avoid a W-2 scam, the IRS recommended businesses alert employees with access to W-2 forms about the phishing trend.

"If you get a suspicious email, pick up the phone and call the person who purportedly sent it, using a phone number you can verify as theirs, not one that might be contained in the email. Confirm that this person has in fact made the request," CBS News reports.

More articles on cybersecurity:
CVS Caremark exposes patients' HIV statuses via envelop windows
GAO: Federal efforts to curb use of SSNs see 'limited success'
Kaleida Health reports 2nd phishing attack in 2 months

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months