Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Seagate Employee Falls for Phishing Scam – Sends W-2 Tax Forms to Scammer
March 8, 2016
According to a report from Softpedia (via Brian Krebs), a Seagate employee received a spear-phishing e-mail on March 1st which looked like an internal company request, asking for W-2 tax forms for current and past employees. The employee complied by sending the requested file.
As soon as Seagate found out about the incident, it informed authorities and started sending notification letters to all affected parties. A company spokesperson told Krebs that W-2 forms for thousands of current and former employees have been exposed, but not more than 10,000.
W-2 tax forms are used to store information about an employee's wage and salary information, along with the amount of federal, state and other taxes withheld from paychecks. Along with these details, the form also contains the employee's Social Security Number (SSN), home address, and contact information.
All this data is more than a scammer would need to file fraudulent tax returns on the behalf of each victim. It is extraordinary how successful this kind of fraud has become.
Just last year, in a single incident, the IRS reported that attackers accessed the IRS accounts of over 390,000 users, and tried to file fraudulent tax returns.
E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson
Listen to the Podcast
