The number of organizations that fell prey to a recurring W-2 email scam that involved identity thieves posing as company executives rose substantially in 2017, an Internal Revenue Service official said May 18.
Data breaches at a relatively small number of organizations may represent the stolen data of hundreds of thousands of taxpayers, said Tamara Powell, acting director of the IRS Return Integrity Compliance Services.
“Cyber criminals have continued to evolve,” Powell said at the annual American Payroll Association Congress in Orlando, Fla. “As we have made progress against identity theft, the criminals need more and more personal data to be able to impersonate the true taxpayers. They merely shifted their targets to those of you in the payroll industry.”
The email scam uses a corporate officer's name to request employee Forms W-2, Wage and Tax Statement, from payroll or human resources departments. In the first four months of 2017, 870 organizations reported to the IRS that they received a W-2 phishing email, up from about 100 organizations in the first four months of 2016, Powell said. Of the 870 organizations, about 200 lost data, up from about 50 in 2016, she said.
“Two hundred organizations may not sound like a lot, but that data theft or data loss can translate into hundreds of thousands of taxpayers,” Powell said.
No single industry was targeted, Powell said. Organizations affected by the phishing scam included manufacturers, payroll-service providers, payroll companies, public schools and universities and hospitals, she said.
In the scam, which first appeared in 2016, cybercriminals trick workers into disclosing employee names, Social Security numbers and income information. They then attempt to file fraudulent tax returns for refunds, the IRS said.
“The criminals are especially brazen,” Powell said. In one case, a criminal did not like the format the W-2s were in, so the thief asked the payroll employee to reformat and resend them. The employee complied, she said.
Organizations may discover a data breach weeks or months after it has occurred, at which point the criminal has likely profited from the theft by using the data or selling it on the dark web, Powell said. Identity thieves will continue using the phishing scheme for as long as it is effective, she said.
Tactics like the phishing scheme represented a departure from traditional identity theft, which started to change around 2010, Powell said. Identity theft evolved from a crime of opportunity, typically committed by someone within an organization with access to W-2 data, to operations run by organized crime and criminal syndicates, she said.
The criminals behind identity theft are well funded and technically sophisticated, Powell said. “They start prepping for our filing season before we do.”