The Internal Revenue Service (IRS) is warning that the infamous Form W-2 phishing scam that traditionally has targeted corporations now is being used to dupe school districts, tribal organizations, restaurant chains, temp agenices, healthcare, shipping and freight firms, and non-profits.
In addition, attackers are adding wire transfer schemes to the mix, according to the alert from the IRS.
"This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme," said IRS Commissioner John Koskinen.
The phony emails come in the form of business email compromise (BEC) attacks, where the sender poses as an organization executive, sending phishing emails to payroll or human resource department employees asking for their employees' Forms W-2.
"In the latest twist, the cybercriminal follows up with an 'executive' email to the payroll or comptroller and asks that a wire transfer also be made to a certain account. Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars due to wire transfers," the IRS alert explains.
The IRS alert and information on how to protect your employees from these attacks is here.