Cybercriminals Target Web Portals for W-2 Information

Identity-theft schemes involving Forms W-2, Wage and Tax Statement, have taken hold this tax-filing season, including one seeking access to employees' online W-2 portals, the Internal Revenue Service said April 7. Unauthorized third parties increasingly have been stealing user-name and password data for these portals, signing in and stealing employees' W-2 data, said Mark Kahler, national identity theft coordinator at the IRS Criminal Investigation Office of Refund Crimes. Payroll service providers and employers should require employees to use complex passwords to thwart potential hackers, he said April 7 during the agency's monthly payroll industry teleconference. The IRS previously singled out a phishing scheme that prompted payroll departments to send W-2 data to unauthorized third parties.