W-2 Phishing Scam Happening Through Emails

    W-2 Phishing Scam Happening Through Emails

    Posted by Steven Lai
    Fri, Mar 24, 2017

     Scam requests for W-2's

    Numerous scams have been happening through emails. The scam consist of requests for W-2 information from individuals. The scam emails are designed to look like they was sent from a CEO or other excuitive member, asking for employees W-2 information.  The FBI and IRS have posted warnings about this criminal activity and have stated the volume of the scam emails have increased drastically. 



    Already Victimized

    The scam emails have been spreading like wildfire and rapidly to the point where even cyber security companies are concerned for themselves and their employees. Some of thse security companies have already become victims.W2_scam_phising_hook_caught_a_victimAn example of one of these companies is Defense Point Security; a cyber security company who became a victim to fraudsters after one of their employees fell for the spear phishing attack. (Spear pishing is a online attack, aimed towards a specific individual or department of a organization). 



    Ways To Prevent the Email Scams

    1. Let managers, IT and HR members know ASAP.
    2. File all of your taxes as quickly as possible. The fraudsters are making bogus claims before the April 15th deadline.
    3. File a 14039 form and request an IP pin from the government.  This is benefical because it allows the IRS to understand that you have been a victim of identity theft in the past. 
    4.  Identify the email addresses. There should be a group of your colleagues within your email server. If the email is not the same as your group of colleagues then that is a sign of a  fraudulent email.
    5. Do not display employees emails on the company's WEBSITE!
    6. There are many programs that secure your email. For instance KnowBe4’s Phish Alert application that your IT Service Provider should be using.
    7. Place a security freeze on your files with the three top credit bureaus to prevent ID thieves from accessing your credit. Without a security freeze, thievies can open up a line of credit with your name on it!
    8. Get a credit report frequently to analyze any suspicious activity in your name.

    Sources: https://info.knowbe4.com/domain-spoof-test-chn






    Topics: cybersecurity, Data Security, email security, Phishing, social engineering

    Written by Steven Lai

    Contact Us