Authored by a Symantec employee
With the IRS’s due date of April 17th looming, fraudsters are rapidly trying to cash in on tax refunds. The IRS has reported that it has seen a 400% surge in phishing and malware incidents between the 2015 and 2016 tax seasons. This type of scam, which has come to be known as business email compromise (BEC), or business email spoofing (BES), has affected all kinds of businesses ranging from high-profile corporations to small businesses and schools.
What is a phishing scam?
A phishing scam is usually executed through email messages, phone calls or websites. Cybercriminals contact the potential victims through these channels and try to convince them to install malicious software on their devices. Or they use social engineering to convince their targets to hand over their personal information.
What is a W-2 phishing scam?
In one form of W-2 scam, the scammer pretends to be a member of upper management and targets a more junior member of the organization. A phishing email from the cybercriminal requests that the target employees (usually in the finance, payroll or human resources departments) send W-2 forms for inspection. The emails appear legitimate and may sometimes include a phishing link.
The cybercriminal can send these phishing emails from a stolen email address or even from what appears to be a genuine email address with a few minor changes. A different “Reply-to” address can be set in the email so that when a victim replies with a W-2 form, the reply goes to an account under the attacker’s control, and not to the address it appears to have originated from.
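As an added example (not part of the original article), here is one way a mail administrator could flag the two header tricks described above: a "Reply-to" that leaves the apparent sender's domain, and a sender domain that differs from the real one by a few characters. The domain corp.example, the sample messages and the distance threshold are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "corp.example"  # assumption: the organization's real mail domain

# Constructed sample messages (not real mail).
SAMPLE_REPLY_TO = ("From: Pat Lee <pat.lee@corp.example>\n"
                   "Reply-To: pat.lee@freemail.example\n"
                   "Subject: W-2 forms for review\n\nPlease send all W-2s.\n")
SAMPLE_LOOKALIKE = ("From: Pat Lee <pat.lee@c0rp.example>\n"
                    "Subject: W-2 forms for review\n\nPlease send all W-2s.\n")
SAMPLE_CLEAN = ("From: Payroll <payroll@corp.example>\n"
                "Reply-To: payroll@corp.example\n"
                "Subject: Payroll calendar\n\nSee the intranet.\n")

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if absent/malformed."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_message(raw, org_domain=ORG_DOMAIN, max_distance=2):
    """Return sorted findings for one raw message's From/Reply-To headers."""
    msg = message_from_string(raw)
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    findings = []
    # Replies would leave the apparent sender's domain.
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-mismatch")
    # A domain that is close to, but not equal to, the real one.
    for dom in {from_dom, reply_dom} - {"", org_domain}:
        if edit_distance(dom, org_domain) <= max_distance:
            findings.append("lookalike-domain:" + dom)
    return sorted(findings)

if __name__ == "__main__":
    for name, raw in [("reply-to", SAMPLE_REPLY_TO),
                      ("lookalike", SAMPLE_LOOKALIKE), ("clean", SAMPLE_CLEAN)]:
        print(name, check_message(raw))
```

Header checks like these do not catch mail sent from a stolen but genuine mailbox, which is why verifying unusual requests through a separate channel still matters.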
It is important to realize that these documents contain tax and wage information for employees as well as their Social Security number, home address and employment location. Once these documents are obtained, the criminals could file fraudulent tax returns or post this information for sale on the dark web, where cybercriminals can use it to commit other crimes like identity theft.
How to help prevent W-2 scams
- Inform and educate your employees to be cautious of fraudulent emails. Do not click on links and attachments in emails from unknown senders, or act on requests that seem unusual or don’t follow normal procedures. Avoid providing personal information when answering an email, unsolicited phone call, text message or instant message.
- Additionally, do not reply to any emails that seem suspicious. Obtain the sender’s address or phone number from the corporate address book and ask them about the message. Never use the contact information provided in the email.
- Never enter personal information in a pop-up web page or anywhere else that you did not initiate.
- Keep security software and all other software programs updated.
- Report security warnings from your Internet security software to IT immediately. Chances are they aren’t aware of all threats that occur.
Cybercriminals are getting more sophisticated and operate with an arsenal of tools to attempt to file fraudulent tax returns and maybe commit other forms of identity theft. Being aware of these traditional scamming methods is a good first line of defense.
How to report a phishing email
The IRS is taking proactive steps to prevent phishing incidents. If you think you received a phishing email or phone call, be sure to visit https://www.irs.gov/privacy-disclosure/report-phishing and report the incident to the IRS.
As the line between our real life and digital life blurs with advancements in technology, it is important to be mindful of your personal information’s security. Keeping your digital devices, such as smartphones, PCs and laptops, protected with Norton Security Premium is one measure of online information security. It comes with online storage for file backup and multiple device protection that helps keep malware and viruses at bay. To help protect your identity, trust LifeLock. LifeLock uses monitoring technology and alert tools to help proactively safeguard your credit and finances.†
This unique combination of having Norton Security and LifeLock, two industry leaders in digital safety helping guard your digital life, will help you explore the Internet safely.
As you get your paperwork ready for the tax season, stay safe and help keep your digital life protected.
Disclaimers and references:
No one can prevent all identity theft.
† LifeLock does not monitor all transactions at all businesses.
© 2018 Symantec Corporation. All rights reserved.