The Internal Revenue Service (IRS) on February 2, 2017 issued IR-2017-20 alerting employers that a Form W-2 email phishing scam, which first appeared last year, is circulating earlier this tax season and is spreading beyond the corporate arena to a broader array of organizations, including school districts, tribal casinos, chain restaurants, temporary staffing agencies, healthcare, and shipping and freight. Businesses that received the scam email last year also are reporting receiving it again this year. In addition, these cybercriminals stealing employee W-2 information are coupling their efforts with an older wire transfer scheme that is victimizing some organizations twice..
This Form W-2 scam is just one of several new variations of identity theft appearing in the past year that focus on the large-scale thefts of sensitive tax information from tax preparers, businesses, and payroll companies. While individual taxpayers also can be targets of phishing scams, cybercriminals seem to be focusing their efforts on mass data thefts. The IRS is warning all types of employers to be on guard against the scam. IR-2017-20 provides information on what employers and employees should do if they encounter or fall victim to this W-2 scam.
When taxpayer information is stolen the effect on an employer can be significant, including financial loss, adverse consequences for employees if their personal information is compromised, damage to business reputation, and significant time and resources spent to correct resulting tax and financial implications. It is important that organizations act quickly with respect to schemes targeting taxpayer information. The relevant information regarding identity theft should be provided promptly to the IRS and state tax agencies so that they can act to mitigate fraudulent tax filings and erroneous refunds. We can help organizations navigate this issue with the IRS and state tax agencies.