Keep an eye out for the new W-2 Phishing Scam.

Keep an eye out for the new W-2. There are many people phishing in fraudulent waters trying to bait you.

There are many people phishing in fraudulent waters trying to bait you.

Business owners the W-2 scam has reared its ugly head once again! The Form W-2 phishing scam that victimized countless businesses and employees last year evolved and also targets schools, restaurants, hospitals, tribal groups, and nonprofits.

There are many people phishing in fraudulent waters trying to bait you. The IRS says the Form W-2 scam has emerged as one of the most dangerous phishing emails in the tax community. During the last two tax seasons, cybercriminals tricked payroll personnel or people with access to payroll information into disclosing sensitive information for entire workforces.

Reports to from victims and non-victims about this scam jumped to approximately 900 in 2017, compared to slightly over 100 in 2016. Last year, more than 200 employers were victimized, which translated into hundreds of thousands of employees who had their identities compromised.

By alerting employers now, the IRS and its partners hope to limit the success of this scam in 2018. The IRS last year also created a new process by which employers should report these scams. There are steps the IRS can take to protect employees, but only if the agency is notified immediately by employers about the theft.

Here’s how the scam works:

  • Cybercriminals do their homework, identifying chief operating officers, school executives or others in positions of authority. Using a technique known as business email compromise (BEC) or business email spoofing (BES), fraudsters posing as executives send emails to payroll personnel requesting copies of Forms W-2 for all employees.
  • The Form W-2 contains the employee’s name, address, Social Security number, income, and withholdings. Criminals use that information to file fraudulent tax returns, or they post it for sale on the Darknet.
  • The initial email may be a friendly, “hi, are you working today” exchange before the fraudster asks for all Form W-2 information. In several reported cases, after the fraudsters acquired the workforce information, they immediately followed that up with a request for a wire transfer.

In addition to educating payroll or finance personnel, the IRS and Security Summit partners also urge employers to consider creating a policy to limit the number of employees who have authority to handle Form W-2 requests and that they require additional verification procedures to validate the actual request before emailing sensitive data such as employee Form W-2s.

If the business or organization victimized by these attacks notifies the IRS, the IRS can take steps to help prevent employees from being victims of tax-related identity theft. However, because of the nature of these scams, some businesses and organizations did not realize for days, weeks or months that they had been scammed.

The IRS established a special email notification address specifically for employers to report Form W-2 data thefts. Here’s how Form W-2 scam victims can notify the IRS:

  • Email dataloss@irs.govto notify the IRS of a Form W-2 data loss and provide contact information, as listed below.
  • In the subject line, type “W2 Data Loss” so that the email can be routed properly. Do not attach any employee personally identifiable information data.
  • Include the following:
  • Business name
  • Business employer identification number (EIN) associated with the data loss
  • Contact name
  • Contact phone number
  • Summary of how the data loss occurred
  • Volume of employees impacted

Businesses and organizations that fall victim to the scam and/or organizations that only receive a suspect email but do not fall victim to the scam should send the full email headers to and use “W2 Scam” in the subject line.

Employers can learn more at Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.

Employers should be aware that cyber criminals’ scams constantly evolve. Finance and payroll personnel should be alert to any unusual requests for employee data.

Life Preserving Tax Quips and Quotes from Jeffrey Schneider EA, CTRS, NTPI Fellow and Author of Now What? I Got a Tax Notice from the IRS. Help!

Whether you need help with IRS or State Audits, Offer in Compromise, Appeals, Collections, Penalty and Interest Abatement, IRS Tax Liens and Levies, Wage Garnishments, Delinquent Taxes, or Tax Preparation, SFS Tax Problem Solutions has the expertise and experience to resolve all your tax problems.
For more on Jeffrey A. Schneider, SFS Tax Problem Solutions, services, speaking, webinars and his book, visit;

#phishing #scams #phish #fishing #refunds #taxpayers #bankaccounts #cybercriminals #EnrolledAgent #jeffreySchneider #taxleins #nowwhathelp #taxquotes #taxquestions #fraud #money #wealthmanagement #debt #owe #problem #fail #mistakes #collection #agent #april



Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *