Be cautious of W2 Phishing Cheats This Tax Time

Companies are notified to be vigilant of W2 phishing cheaters this tax time. As observed during the previous 2 years, hundreds of organizations cheated into disclosing the W2 documents of their workers. The identifications on the documents were then used to file wrong tax returns. This year is expected to be the same.

The previous year, accounts division, as well as payroll workforce, were beleaguered with W2 phishing cheats, using an attack method called business email compromise or BEC. The business email compromise cheats include the imitation of the Chief Executive Officer or a different C-suite decision-maker, with electronic mail applications mailed to accounts division and payroll workforce requesting for duplicates of W2 documents for workers who worked for the business during the previous financial year.

The electronic mails are persuading because they seem to come from inside the firm from a known electronic mail address. Several accounts and payroll department staff fell for the cheat and electronically mailed the information as demanded. Charities, tax professionals, healthcare providers, educational institutions, and companies, were all beleaguered. The IRS states over 200 companies revealed their workers’ details to cheaters previous year. Tax information of hundreds of thousands of workers was revealed, and numerous suffered substantial losses as a consequence.

Companies must train their payroll and accounts staff concerning W-2 phishing cheats and apply rules that need any electronic mail request for worker information to be confirmed before replying. Confirmation must be made via telephone or in person, not via electronic mail. Cheaters have been known to talk with accounts staff through electronic mail and persuade them that the appeal is sincere. A prohibition on sending tax information through electronic mail must also be taken into consideration.

It’s essential that W2 phishing cheats are informed. Anybody receiving a scam electronic mail must transmit the communication to the Internal Revenue Service at – phishing@irs.gov – with the topic line “W2 Scam”.

Any company that falls for this type of a cheat must notify the IRS instantly to let action to be taken to avoid tax scam. An electronic mail, with the topic line “W2 Data Loss” must be sent to the electronic mail address – dataloss@irs.gov – with a short description of what occurred. No worker information must be sent through electronic mail.