There is a wave of W-2 phishing attacks going on. We see these coming in through thousands of reported scam attempts via our Phishing Alert Button. The FBI and the IRS have repeatedly posted warnings that these attacks have started early and that the volume has gone up significantly this year.
Remember those Nigerian prince emails? They are also called 'Nigerian 419' scams because the first wave of them came from Nigeria. The '419' part of the name comes from the section of Nigeria's Criminal Code which outlaws the practice. Well, those gangs have all "growed up" and they are now behind many of today's W-2 scams. It is surprisingly easy to do a little bit of research and send a spoofed email that looks like it is from the CEO.
These W-2 scams are hitting everywhere; even a cybersecurity contractor was hit with one. On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that bills itself as “the choice provider of cyber security services to the federal government” — told all employees that their W-2 tax data was handed directly to fraudsters after someone inside the company fell for a W-2 spear phishing attack.
What To Do About It
I strongly suggest you send this to all employees, and mark it as important for all staff in HR, Legal and Accounting. Feel free to copy/paste/edit:
"This year, authorities are warning about a massive wave of W-2 tax form phishing scams. Cyber criminals are sending "spoofed" emails that look like they come from the CEO or another C-level executive and ask for a PDF with the W-2 tax information of all employees. The W-2s have all the information needed to file fraudulent tax returns and steal anyone's identity.
Here are five steps to prevent an incredible amount of hassle and possible damage:
- If you receive any email requesting any kind of W-2 tax information, pick up the phone and verify that request before you email anything to anybody.
- File your taxes at the state and federal level as quickly as you can, or file for an October 16 extension early, before the bad guys can file a bogus claim.
- Consider filing Form 14039 and requesting an IP PIN from the government. Form 14039 requires you to state you believe you are likely to be a victim of identity fraud. Even if cyber criminals haven’t tried to file a bogus tax return in your name, virtually every American's data has been stolen, which can lead to your identity being stolen.
- Every 4 months, get a free once-a-year credit report from one of the three major credit bureaus. Put them on your calendar (cycle through them) and dispute any unauthorized activity.
- Place a "security freeze" or "credit freeze" on your files with all three credit bureaus to prevent ID thieves from assuming your identity and opening up a line of credit in your name.
This time of year, it is more important than ever to Think Before You Click!"
What you can do right now is
Get Your No-Charge Domain Spoof Test
Can hackers spoof an email address of your own domain?
Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.
Would you like to know if hackers can spoof your domain? KnowBe4 can help you find out if this is the case with our no-charge Domain Spoof Test. It's quick, easy and often a shocking discovery. Find out now if your email server is configured correctly; 82% are not! It's one simple email from us to you, and you get immediate results.
Let's stay safe out there.
Warm regards,
Founder and CEO, KnowBe4, Inc.