State Officials Warn Consumers and Businesses: New Phishing Scheme Tries to Exploit Personal Information by Mimicking Employer
New Strain of Fraud Targets W-2s Through CEOs and CFOs
Attorney General George Jepsen, Department of Revenue Services (DRS) Commissioner Kevin B. Sullivan and Department of Consumer Protection (DCP) Commissioner Jonathan A. Harris are warning consumers about a new W-2-themed phishing scheme that targets employees and even Chief Financial Officers (CFOs) in an attempt to obtain personal information and other data.
Hackers and cybercriminals are using a system that mimics an employer’s email and then requests employee W-2s, with the messages often appearing to come directly from the Chief Executive Officer (CEO). These Internal Revenue forms have sensitive personal information such as Social Security numbers, full names and addresses, which can be sold or used for identity theft and financial fraud. W-2s in particular give an identity thief almost everything needed to commit tax fraud.
Scammers who target taxpayers by pretending to be the Internal Revenue Service are nothing new, and taxpayers should always stay vigilant, officials said. However, W-2-themed phishing schemes directed at businesses are becoming more prevalent, and organizations have been warning their employees to be wary of them, especially when filing their taxes. This type of scam, often referred to as “CEO fraud,” is part of a broader base of scams referred to as “business email compromise,” which the FBI said in 2015 exposed nearly $750 million to scammers between October 2013 and August 2015.
“Hardly a week goes by that my office doesn’t hear about a scheme where hackers or scam artists attempt to gain access to personal information such as Social Security numbers, credit card numbers, and bank accounts,” said Attorney General Jepsen. “Cybercriminals have begun to use sophisticated attempts to obtain this information as this W-2 phishing scheme demonstrates, while others may search garbage cans, use misleading emails or fake Web sites, or even just look over an unsuspecting consumer’s shoulder.”
Added Commissioner Sullivan, “This year, criminals posing as the IRS and DRS are even more aggressively out to steal taxpayer record information and taxpayer identities. It’s a huge, global criminal enterprise. In this case, the focus on W-2 employee withholding information probably reflects the fact that DRS has gotten this data much earlier than usual from employers and is using it to help screen against fraud. What taxpayers need to know is simple. The IRS and DRS never contact taxpayers through email or by phone in this way, so do not respond.”
“Scammers change their act all the time to try and catch us where we feel most secure, and many times that’s in a work environment. Emails disguised as correspondence from a boss, or even something as simple as an invoice can be used by scammers to gain access to information they shouldn’t have. We urge consumers to review any tax-related emails that look strange closely, and verify they are from a legitimate source before opening or clicking on any links.”
“By becoming informed, consumers and businesses can help ensure that personal information is protected – be it when filing their tax documents in the coming months or when just going about a day-to-day routine,” said Attorney General Jepsen.
If you are a business that has been targeted by or fallen victim to this scam, file a complaint with the Internet Crime Complaint Center (IC3): www.IC3.gov
If you are worried that a call or email from the IRS is real because you know you owe taxes, contact the IRS directly at 800-829-1040 or go to www.irs.gov. Fraudulent emails purporting to be from the IRS should be forwarded to firstname.lastname@example.org.
If you become a target of this scam, it’s also helpful to file a consumer complaint with the Federal Trade Commission at www.ftc.gov, and add "IRS Telephone Scam" to the comments of your complaint.
Consumers with questions can contact the Attorney General's Consumer Privacy and Data Security Department at 860-808-5440, the Department of Consumer Protection at 1-800-842-2649 or, if they are a victim, the Department of Revenue Services fraud hotline at 1-855-842-1441.
Robert S. Blanchard
Department of Revenue Services:
Department of Consumer Protection:
Lara Rae Anderson