Phishing for W-2s: Keeping Your Financial Data Safe During Tax Season

Ready or not, here comes tax season. And as you’re getting your ducks in a row, prepping your W-2 forms, and speaking with your tax advisor, cybercriminals are devising a monetary strategy of their own, one focused on your money, that is. That’s right, these crooks are now trying to dive directly into your pocket and manipulate victims into giving up crucial financial information, primarily W-2s. From high-impact phishing scams to sales across the Dark Web, we’ve seen the exploitation of W-2s become a major trend as tax season gets underway.

W-2 scams can impact more people than you think, with cybercriminals expanding their targets to include schools, tribal organizations, and nonprofits. However, employees of companies have taken the lead as the largest target.

One such example is a recent and successful phishing scam conducted against Scotty’s Brewhouse, a brew pub and restaurant in Indianapolis, in which over 4,000 employees’ W-2s were compromised. To capture this information, all it took was one phishing email, sent to a payroll account employee, that requested the W-2 forms of all 4,000 employees in PDF format. And the employee did as instructed.

The healthcare sector isn’t exactly safe either, as employees of two health organizations also faced phishing scams that compromised their W-2 forms. Employees of both the Wyoming-based Campbell County Health and eHealthInsurance suffered from the negligence of a fellow employee when cybercriminals impersonated executives at each organization. In both cases, the crooks got what they wanted, as the workers simply did what they were told and sent off the data.

Too lazy to conduct a phishing attack of their own, some crooks have instead taken a more streamlined approach in their quest for tax season data: simply shopping online for victims’ W-2s. You heard correctly, cybercriminals have begun to sell stolen W-2 form data on the Dark Web. One instance of this? The black market sale of 3,600 Floridians’ personal data. Made to be as easy as shopping for clothes online, each W-2 record can be laid out by wage amount and victim location, with a higher yearly wage typically increasing the Bitcoin amount it’s being sold for, which ranges anywhere from $4 to $20.

So, whether it’s via phishing or Dark Web sales, it’s clear that cybercriminals are hungry for W-2 forms. Therefore, to ensure your personal financial information stays safe this tax season, here are a few tips:

  • File before cybercriminals do. The best and easiest defense you can take against tax season scams is to get your hands on your W-2, and then file as soon as possible. Since cybercriminals can launch tax attacks against a large mass of users at once, the sooner you file, the less likely your data will be raked in by the cybercriminal sweep.
  • Get a copy of your credit report. Fun fact: you’re entitled to a free copy of your credit report from each of the major bureaus once a year. Therefore, make it a habit to request a copy of your file every three to four months, each time from a different credit bureau. That way, you can keep better track of and monitor any suspicious activity, and act early if something appears fishy.
  • Stay alert to phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double-check their legitimacy with a manager or the security department before you respond. Remember: the IRS only contacts people by snail mail, so if you get an email from someone claiming to be from the IRS, stay away.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @IntelSec_Home on Twitter, and ‘Like’ us on Facebook.
