Fraudsters are turning to phishing campaigns in attempts to trick individuals with access to their company’s W-2 tax forms into turning them over, the IRS has revealed.
More pointedly, the Internal Revenue Service believes that one particular campaign has progressed beyond targeting corporate entities and is now striking school districts, nonprofits and other tribal organizations. In a related scam, the W-2 crooks are also looking at ways toward stealing employee W-2 information from an older scheme on wire transfers, thereby victimizing some organizations twice, the IRS warned.
In a public release, IRS Commissioner John Koskinen stated:
This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme.
The scam works by with several spoofing techniques deployed by cybercriminals. Typically, emails are disguised in such a way that they purport to originate from an executive from the organization. This email is sent to an employee in the human resources, payroll or finance departments. The scam then requests a list of all employees and their W-2 forms.
Not content with the request, there have been a rise in instances of cases that see the cybercriminals follow up with an “executive email” asking the payroll employee or comptroller to ask a wire transfer to be made to a specific account. Some companies have lost both their employees’ W-2 forms and thousands of dollars via wire transfers after falling prey to the scam.
The IRS is urging organizations who receive W-2 scam emails to forward it to firstname.lastname@example.org with the subject line “W2 Scam”.
The W-2 scam is now targeting a broad and varied list of organizations including tribal casinos, chain restaurants, temporary staffing agencies, shipping and freight agencies, healthcare and school districts.
Image credit: Flickr.