It doesn’t seem possible, but the end of the year and the beginning of “tax season” are not that far off. And with that comes the beginning of tax refund fraud season. One of the most popular and effective refund scams goes right to the source -- and collects W-2’s from a company’s HR or accounting personnel. We encountered this twice last year, just among our clients, and here’s how it works…
The HR manager, who we’ll call ‘Mary’ receives an email from the CEO, who we’ll call ‘Jim’.
“Mary, I need you to send me our employees’ W-2’s for 2015. PDF is fine, as an email attachment, asap. Thanks, Jim”.
The email looks like it came from Jim. Jim is within his authority to make such a request. Mary has, or can quickly collect, the information. However, Mary thinks this is an odd thing for Jim to be asking -- and she walks down the hall and talks to Jim, who knows nothing about such a request.
They contact us. “Where did this email come from?” In looking a little closer, we see that the actual reply email for Jim isn’t Jim’s at all, but a made-up email address that’s close to Jim’s. If Mary had replied with the information, the fake Jim would have received all the employees’ W-2’s with their full name, address, wages and Social Security numbers. A potentially huge tax refund fraud and/or identity theft was dodged.
Last year, it’s estimated that refund scammers stole W-2 information on more than 300,000 people right from the IRS Web site! The bad guys also grabbed countless online payroll management account credentials used by HR personnel. In fact, the FTC revealed recently that tax refund fraud was responsible for as much as a 50% increase in identity theft complaints over the past year.
But, one of the simplest ways for the cyber criminals to get this information is to simply ask for it, posing as someone with a right to know it. We offer a number of technical solutions to address these kinds of network and information security issues. But one of the most effective countermeasures in dealing with fraud remains user awareness – and we can help with that, too.
