W2 phishing

February 21, 2017

As tax season is in full swing, businesses may become the target of sophisticated phishing attacks seeking employees’ W2 information. The scam works in this way:  Someone contacts your business’ human resources or payroll department pretending to be from the IRS or an executive with the company. They request copies of employees’ W2s. In response, the employee sends the W2, leaving information, including employees’ names, addresses, birth dates, and social security numbers in the hands of scammers. The scammers may then file fraudulent tax returns or use the information for other identity theft purposes.

It is important that your employees understand the risks associated with this scam, especially employees in your HR or payroll departments.  Here are a few simple tips:

• Do not answer requests for personal information from company executives or the IRS without first using legitimate channels to verify the requestor’s identity.  The IRS will not request information such as this via email or phone.
• Do not click on any unknown links or attachments.
• Look very closely at the email address from which you’re receiving the email.  Often times, email addresses will look legitimate but may be off by a letter or two.
• If you receive an email you believe to be phishing for W2 information, forward the email to phishing@irs.gov with the subject line “W2 scam.”