Dangerous W-2 Scam Now Impacting The Public Sector
IRS Issues W-2 Security Alert
The Internal Revenue Service (IRS) recently issued an alert that the Form W-2 e-mail phishing scam has expanded from the corporate world into the public sector. If you are a non-profit or governmental agency, you should be aware that this scam can result in the large-scale theft of confidential information. Cyber-criminals can then use this information for various crimes, including the filing of fraudulent tax returns.
How Does The Scam Work?
Cyber-criminals will disguise e-mails to make them appear to be from an internal executive within your organization. The e-mail will be sent to an employee in the payroll, human resources, or finance department and will request a list of all employees and their Forms W-2. In the latest twist to this scam, the ‘executive’ e-mail will also ask that a wire transfer be made to a certain account. The wire transfer scam is being combined with the W-2 scam e-mail, and some organizations have lost both employees’ W-2s and thousands of dollars due to these fraudulent wire transfers.
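For IT departments, the pattern described above can be turned into a simple mail triage check. The Python below is an added example, not code from the IRS alert or from this article. The organization domain, the executive names, the Reply-To comparison, and the flag names are all assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "example.org"                  # assumed: your organization's mail domain
EXECUTIVES = {"pat morgan", "lee alvarez"}  # assumed: names an attacker might borrow
REQUESTS = {                                # the two requests the article describes
    "w2_request": re.compile(r"\bw-?2s?\b", re.I),
    "wire_request": re.compile(r"\bwire\s+transfer\b", re.I),
}

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw_message):
    """Return sorted flags; any flag means verify by phone before acting."""
    msg = message_from_string(raw_message)
    display = parseaddr(msg.get("From", ""))[0].strip().lower()
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To")) or from_domain
    body = "" if msg.is_multipart() else msg.get_payload()
    text = msg.get("Subject", "") + "\n" + body
    flags = [name for name, rx in REQUESTS.items() if rx.search(text)]
    if not flags:
        return []  # no W-2 or wire request: nothing for this check to flag
    if display in EXECUTIVES and from_domain != ORG_DOMAIN:
        flags.append("executive_name_external_sender")
    if reply_domain != ORG_DOMAIN:
        flags.append("reply_leaves_org")
    return sorted(flags)

# Constructed sample messages (plain text, not real mail).
SPOOFED = """From: "Pat Morgan" <pat.morgan@example-org.test>
Reply-To: pm.office@mailbox.test
To: payroll@example.org
Subject: Urgent request

Send me the list of all employees and their W-2 forms today.
Also make a wire transfer to the account I will send you.
"""
INTERNAL = """From: "Pat Morgan" <pat.morgan@example.org>
To: payroll@example.org
Subject: Staff lunch on Friday

Lunch is at noon in the main conference room.
"""

if __name__ == "__main__":
    print(triage(SPOOFED))
    print(triage(INTERNAL))
```

A W-2 or wire request that appears to come from an internal address is still flagged, because a request of that kind should be confirmed with the sender by phone or in person regardless of how the address looks.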
What To Do If Your Organization Has Been Targeted
- If you receive a W-2 scam e-mail, forward it immediately to your IT department and to phishing@irs.gov and place “W-2 Scam” in the subject line. You should also notify the State by sending an alert to StateAlert@taxadmin.org.
- If you receive the W-2 scam email or if you believe that sensitive data has been stolen, file a complaint with the Internet Crime Complaint Center.
- Promptly notify the employees whose Forms W-2 have been stolen.
- Employees should then review the actions recommended by the Federal Trade Commission at www.identitytheft.gov or by the IRS.
- Employees will also need to file a Form 14039, Identity Theft Affidavit, if their tax return is rejected because of a duplicate social security number or if they are instructed to do so by the IRS.
Best Practices When Handling E-Mail
- If you receive an internal e-mail that appears to be suspicious (e.g., asking for protected data), pick up the phone and call the sender or ask them directly in person to verify the legitimacy of the e-mail.
- Other signs that an e-mail may be suspicious include the use of all capital letters, spelling errors, typos, and grammatical errors. Try to avoid opening these emails in the first place.
- If you do open the email, do not proceed to click on any links, open any attachments, or download any files. If you open an attachment or download a file, contact your IT department immediately.
- If you do click on a questionable link inadvertently and are prompted to log in with your user credentials, register your credentials, or provide confidential information, do not proceed to do so. Notify your IT department instead.
- If you do end up entering your credentials on a questionable website or disclosing confidential information, change your password immediately and let your IT department know what has happened right away.