With tax season well underway, the IRS has issued an official warning to payroll and human resources professionals to beware a new email phishing scheme designed to scoop up W-2s and exploit the personal information within. The scammers present themselves as high level administrators of a company looking to access employee W-2s – with their true intent being to gain access to employee social security numbers to defraud workers.“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,” said IRS Commissioner John Koskinen in the IRS alert. “If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.” Scammers can easily obtain the required information about HR leaders and CEO names from a cursory search through sites like LinkedIn and use that information to personalize their phishing emails. This has already exposed thousands of employees’ personal data at companies nationwide.
New Twist on an Old Scheme
“The IRS has issued an official warning to payroll and HR professionals.”