IRS Warns: Be Aware of Latest W-2 Security Scam
By Karen Connair, Partner, Tax & Business Services & Victor Kim, Senior, Tax & Business Services
The IRS has released a warning about the latest email scam targeting payroll and human resources departments. In what’s commonly called a “spoofing” e-mail, a cybercriminal poses as high level executive and requests an employee list containing employees’ names, social security numbers, birthdates, and/or income information. The bogus emails often utilize the correct name of an actual company executive. Once the requested information is obtained, cybercriminals are then able to file fraudulent returns for tax refunds.
This W-2 scam was first identified in 2016. Earlier this month, the IRS announced that the scam is making its way across the nation for a second time.
[Marcum’s Tax & Business Services division offers all forms of accounting and regulatory compliance services. Learn More.]
The IRS has identified some common ways to spot “spoofing” emails. The agency reports that many of these emails contain one of the following phrases (grammatical and punctuation errors are repeated here verbatim):
- “Kindly send me the individual 2016 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
- “Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).”
- “I want you to send me the list of W-2 copy of employees wage and tax statement for 2016, I need them in PDF file type. You can send it as an attachment. Kindly prepare the lists and email them to me ASAP.”
Cybersecurity experts advise taxpayers to look for misspelled words. Second, don’t click on any links in the email. Instead, hover your mouse over the line to identify the linked address. Then type the web address into your browser to verify whether or not it is legitimate. Third, if the email appears to originate from an executive whose name you recognize, confirm that he or she actually initiated the information request. Finally, if you received a spoofing email, report it to your IT department.
If you were unfortunately tricked into releasing sensitive information, report it to your supervisor immediately.
Should you have any questions concerning this warning, please contact your Marcum tax professional.