Watch Out for the W-2 Email Scam

  |  August 22, 2017

The IRS is urging businesses to beware of a recent increase in email scams targeting employee Forms W-2. The W-2 scam – called a business email compromise or BEC – is one of the most dangerous phishing email schemes trending nationwide from a tax administration perspective. The IRS saw a sharp increase in the number of incidents and victims during the 2017 filing season.

A business email compromise occurs when a cybercriminal is able to “spoof” or impersonate a company or organization executive’s email address and target a payroll, financial or human resources employee with a request. For example, fraudsters will try to trick an employee to transfer funds into a specified account or request a list of all employees and their Forms W-2.

IRS Commissioner John Koskinen said that “Cybercriminals target people with access to sensitive information, and they cleverly disguise their effort through an official-looking email request.”

The Federal Bureau of Investigation reported earlier this year that there has been a 1,300 percent increase in identified losses – with more than $3 billion in wire transfers – since January 2015. The FBI found that the culprits behind these scams are national and international organized crime groups who have targeted businesses and organizations in all 50 states and 100 countries worldwide.

In 2017, the IRS saw the number of businesses, public schools, universities, tribal governments and nonprofits victimized by the W-2 scam increase to 200 from 50 in 2016. Those 200 victims translated into several hundred thousand employees whose sensitive data was stolen. In some cases, the criminals requested both the W-2 information and a wire transfer.

How to Report a Scam or Suspicious Email

The IRS has established a special email notification address specifically for businesses and organizations to report W-2 thefts: dataloss@irs.gov. Be sure to include “W-2 scam” in the subject line and information about a point of contact in the body of the email. Businesses and organizations that receive a suspect email but do not fall victim to the scam can forward it to the BEC to phishing@irs.gov, again with “W-2 scam” in the subject line.

For more information about the W-2 Scam, or to learn about how we can partner with you to manage your business taxes, please contact REDW Principal Sandy Abalos.

Comments