{"id":393,"date":"2016-03-01T15:00:54","date_gmt":"2016-03-01T21:00:54","guid":{"rendered":"http:\/\/www.cookco.us\/news\/?p=393"},"modified":"2016-03-01T15:00:54","modified_gmt":"2016-03-01T21:00:54","slug":"phishing-scheme-involving-w-2s","status":"publish","type":"post","link":"https:\/\/cookco.us\/news\/phishing-scheme-involving-w-2s\/","title":{"rendered":"Phishing Scheme Involving W-2s"},"content":{"rendered":"<p id=\"paragraph_7Rx8NqkFra8\"><span id=\"text_dul1cdsHPHA\">The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees.<\/span><\/p>\n<p id=\"paragraph_KKx8NqUFra8\"><span id=\"text__UWIMIqksR6\">The IRS has learned this scheme \u2013 part of the surge in phishing emails seen this year \u2013 already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives.<\/span><\/p>\n<p id=\"paragraph_XDx8NqEFra8\"><span id=\"text_Op23odUpHu7\" class=\"TextBodySpecial\">\u201cThis is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,\u201d said IRS Commissioner John Koskinen. \u201cIf your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.\u201d<\/span><\/p>\n<p id=\"paragraph_k6x8Nq_Fra8\"><span id=\"text_JMkZnGK61f5\">IRS Criminal Investigation already is reviewing several cases in which people have been tricked into sharing SSNs with what turned out to be cybercriminals. Criminals using personal information stolen elsewhere seek to monetize data, including by filing fraudulent tax returns for refunds.<\/span><\/p>\n<p id=\"paragraph_Jsx8NqkGra8\"><span id=\"text_M3JmlPGjY8A\">This phishing variation is known as a \u201cspoofing\u201d email. It will contain, for example, the actual name of the company chief executive officer. In this variation, the \u201cCEO\u201d sends an email to a company payroll office employee and requests a list of employees and information including SSNs.<\/span><\/p>\n<p id=\"paragraph_Wlx8NqUGra8\"><span id=\"text_ODTjsxN2wW9\">The following are some of the details contained in the e-mails:<\/span><\/p>\n<ul>\n<li id=\"paragraph_yCEW0QLzIb_\"><span id=\"text_gMjGk-HYqa5\">Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review<\/span><\/li>\n<li id=\"paragraph_lJEW0QbzIb_\"><span id=\"text_AIOcWNGN4g6\">Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as at 2\/2\/2016.<\/span><\/li>\n<li id=\"paragraph_M-EW0QryIb_\"><span id=\"text_hX-4dyo3fJ1\">I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.<\/span><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees. The IRS has learned this scheme \u2013 part of the surge in phishing emails seen this year \u2013 already has [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":395,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2016-03-17T16:38:35Z","apple_news_api_id":"fb60ae5e-ddd9-4d1c-a77e-04dae2d77d1d","apple_news_api_modified_at":"2016-03-17T16:38:35Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/A-2CuXt3ZTRynfgTa4td9HQ","apple_news_cover_media_provider":"image","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_cover_video_id":0,"apple_news_cover_video_url":"","apple_news_cover_embedwebvideo_url":"","apple_news_is_hidden":"","apple_news_is_paid":"","apple_news_is_preview":"","apple_news_is_sponsored":"","apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":[],"apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[1],"tags":[11],"class_list":["post-393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-phishing-scams"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/posts\/393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/comments?post=393"}],"version-history":[{"count":0,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/posts\/393\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/media\/395"}],"wp:attachment":[{"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/media?parent=393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/categories?post=393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cookco.us\/news\/wp-json\/wp\/v2\/tags?post=393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}