Spear Phishing E-mail Scheme Surges For W-2 Forms

King & Spalding

In the midst of this tax season, a number of companies have fallen victim to the latest spear phishing e-mail scheme, resulting in the unauthorized disclosure of their employees’ W-2 information and learning the hard lesson that often the best way to steal something is simply to ask for it.

On March 1, the IRS issued an alert to payroll and human resources professionals to be aware of the scheme, noting that the agency has seen a 400 percent surge in phishing and malware incidents during this tax season. While the text of the e-mails varies, the IRS has identified three common variants:

  • Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.
  • Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2015. I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me ASAP.

Payroll and human resource employees around the country are receiving these spoofed e-mails designed to look like they are being sent by company executives who are asking for payroll data. As indicated in the IRS samples, these spoofed e-mails are usually framed as requests for W-2 forms, which contain Social Security numbers and other personally identifiable information. A simple Internet search demonstrates that numerous companies have fallen victim to this scheme so far this year.

Following the IRS alert, California Attorney General Kamila Harris issued a consumer alert on March 19 warning California businesses to be aware of this spear phishing scheme and urging them to implement preventive security measures. These measures include restricting access to sensitive data to specific employees on a “need to know” basis.

The IRS Report may be found here.

The California Attorney General’s consumer alert may be found here.

Reporters, Nicholas A. Oldham, Washington, DC, + 1 202 636 3740, noldham@kslaw.com and Jennifer Raghavan, San Francisco, +1 415 318 1234, jraghavan@kslaw.com

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Written by:

King & Spalding

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide