Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Dangerous Mix: IRS Says New Scam Blends CEO Fraud with W-2 Phishing

March 1, 2017

Cybercriminals spend their time concocting new nefarious ways to make money. As the IRS recently warned in an urgent alert, they are now combining two potent threats. One is CEO fraud, an e-mail scam in which the attacker spoofs a boss and convinces an employee to wire funds which end up with the cybercriminal. The other is W-2 phishing, where the bad guys pretend to be the boss requesting a copy of all employees’ W-2 forms. They then file fraudulent tax refund requests on behalf of the taxpayers – or they sell the info on the Dark Web ($4 – $20 per record) so someone else can do the same thing.

As tax season is upon us, all organizations need to be wary of both schemes – and the combo version of them in which they execute both schemes as part of the phishing attack. I mean, heck, if you’re going to impersonate a boss anyway, you might as well make money with wire transfers as well as employee tax data, right?

In June of 2016, the FBI estimated that crooks had stolen nearly $3.1 billion from more than 22,000 victims of these wire fraud schemes. The W-2 phishing scams first appeared in February of 2016 and became a huge phenomenon.

The IRS says organizations receiving a W-2 scam email should forward it to and place “W2 Scam” in the subject line. Organizations that receive the scams or fall victim to them should file a complaint with the Internet Crime Complaint Center (IC3,) operated by the FBI.

Employees whose W-2 form have been stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft. Employees should file a Form 14039 (PDF) Identity Theft Affidavit, if the employee’s own tax return is rejected because of a duplicate Social Security number or if instructed to do so by the IRS.

Be sure to read the alert for additional steps both employers and employees can take to guard themselves against being fleeced by cybercriminals in this new hybrid scam.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
http://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Dangerous Mix: IRS Says New Scam Blends CEO Fraud with W-2 Phishing

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer