The IRS and FBI have been warning business owners about W2 scams for years. Most of these scams come in the form of suspicious emails or phone calls. Learn about the most common W2 phishing and W2 fraud scams and how to avoid them in the following article. Don’t let fraudsters get the best of your business.
How Does the Form W-2 Scam Work?
In one of the most popular types of W2 scams, a cybercriminal impersonates an executive and sends an email asking employee W2 information to an HR specialist inside the same firm.
According to the IRS, the initial email might be as basic as “hello, are you working today?” before the fraudster requests further details. Scammers may use a hacked or faked email to make the message appear to originate from the executive they are impersonating in order to make the fraud appear as credible as possible.
Cybercriminals may target junior team members or recent employees in more complex schemes, or even watch social media to decide the ideal moment to attack.
Phone Scams – How Common are They?
Phone scams are the most common during the tax season. Typically the fraudster will pose as an IRS agent and ask for W2 information and/or social security numbers. You can find a list of common scams on the website for the IRS. During these phone scams, the fraudulent individual may threaten to revoke your business license or place you under arrest if you don’t give them what they are asking for. To most, this is obviously fake, but still, thousands of people fall for this scam every single year.
It is important to know that the IRS will never call you and ask for this kind of information. They will also never make threats against you. All initial correspondence with the IRS will be sent through postal mail. If you receive one of these phone scams, contact the IRS and give the phone number of the scammer.
Phishing – What Is It?
Phishing is basically the email version of a phone scam. These emails almost always have misspelled words, read as if a non-native English speaker wrote them, and other blatant errors. Not all phishing scams are obvious though. They can come in the form of professionally written professional emails that appear to come from someone in your company asking for employee handbook. Since this is the most common scam, it is always important to reach out to the company and ensure it is a legit request. Chances are it isn’t.
American businesses lose more than $500 million every year to these phishing scams. Don’t be one of the statistics.
What causes W2 phishing scams?
W2 scams are especially prevalent during tax season. Here’s how they actually function.
In an email, a fraudster may impersonate the CEO of a corporation. The email, labeled “urgent,” is addressed to a staff person who has access to employees’ w-2 forms.
The request may require that employee tax information be returned in a single file. The tone of the email may be friendly and direct—the phony executive needs the information right away.
“Kindly email me the individual 2015 W2 (PDF) and earnings summary of all W2 of our company workers for a speedy evaluation,” the IRS says.
The employee grabs the tax paperwork and emails them back to the employer, eager to oblige.
The identity thief’s mission was completed. However, it might be terrible news for employees whose personal information has been compromised by crooks.
Why does your Form W2 require protection?
W2s are important paperwork to include when filing your taxes. They include your name, address, Social Security number, income, and tax withholdings.
That’s pretty much all a fraudster needs to perform tax-related identity theft. Tax-related identity theft happens when someone uses your stolen Social Security number to file a fake tax return.
That may not be the end of it. The same information might be used to create a new credit card or borrow money in your name.
Tips on How to Avoid W2 Scams
How can you reduce your chances of falling victim to a W2 phishing scam? Company policies are important. Individual efforts of employees also have an impact. Here are five strategies to defend yourself from W2 phishing attacks.
- Raise awareness: Employers should warn employees that the season for W2 phishing scams is upon us. Make certain that personnel, particularly those with access to tax information, are aware of the risks.
- Employers frequently have standards governing what kind of information can be delivered through email. Typically, this involves laws governing sensitive financial information. Top executives, for example, are not always permitted to make such demands by email.
- How can you avoid being a victim of a W2 scam? Company policies are essential. Employees’ individual efforts also have an influence. Here are five techniques for avoiding W2 phishing attempts.
- Raise awareness: Employers should inform their employees that the season for W2 scams and incorrect W2 has arrived. Make sure that all employees, especially those with access to tax information, are aware of the dangers.
- Employers usually have policies in place that restrict what types of information may be given by email. Typically, this pertains to rules that control sensitive financial information. For example, top executives are not usually authorized to make such demands by email.
If you feel suspicious about a phone call or email, it is always best to not give out your information. Always, always verify with your company when it comes to email requests. Do not click on any email that appears suspicious. Be alert and vigilant and use common sense, especially during tax season.