IRS Warns Of Big Uptick In W2 Email Phishing Scams

The Internal Revenue Service (IRS) is warning about a cyber crime increase in the number of email phishing scams aimed at gathering information from employees’ W2 forms.

According to a press release by the U.S. government agency, the IRS said 200 businesses, public schools, universities, Native American governments and nonprofits fell victim to a phishing scam during the 2017 tax season. The phishing scam, in which several hundred thousands of employees’ data was stolen by scammers, marks a large increase from the 50 people scammed in 2016, noted the IRS. The scam sees perpetrators sending emails that appear to be sent from executives at the scammers’ targeted companies. The emails require human resources and payroll departments within the company to provide a list of all employees and W2 forms. Some of the emails also request companies to transfer money to a bank account, noted the report.

“The W2 scam — called a business email compromise, or BEC — is one of the most dangerous phishing email schemes trending nationwide from a tax administration perspective,” the IRS said in a press release. “The IRS saw a sharp increase in the number of incidents and victims during the 2017 filing season.”

IRS commissioner John Koskinen also weighed in on the cyber attack through the press release.

“These are incredibly tricky schemes that can be devastating to a tax professional or business,” said Koskinen. “Cybercriminals target people with access to sensitive information, and they cleverly disguise their effort through an official-looking email request.”

The IRS noted during the 2016 filing season it had warned businesses the phishing scam had migrated to tax administration and that scammers were using business email compromise tactics to obtain employees’ W2 forms. The cyber criminals were immediately filing fraudulent tax returns that could mirror the actual income received by employees, making the fraud more difficult to detect, the IRS said.