Kindly send me the individual 2016 W-2s (PDF) and earnings summaries for all of our company staff for a quick review. This request is time-sensitive and confidential. I really appreciate your cooperation.
Whether you’re often in communication with the upper execs at your company or not, the above request would sure get your heart pumping. That’s because you’re a conscientious employee who’s always ready to help.
But take caution: just as sure as you want to aid in properly handling your company’s tax filing, cybercriminals hope to exploit that eagerness. And they do, every year, prompting the IRS to disseminate advisories and PSAs. One specific fraudster tactic that continues to claim its proverbial pound has seen astronomical increase. Phishing attacks on U.S. taxpayers have skyrocketed some 400% in recent years, and there’s good reason why.
Following age-old “bait and hook” tactics, tax season’s phishing emails often lure potential victims with phony communications, generally from purported company executives or IRS reps. Accurate company and employee data pulled from online searches and social media profiles lends credence to scammer requests. Preying on employees’ readiness to quickly comply and assist, cybercrooks use vague subject lines—e.g. “Urgent,” “Transfer” or “Request”—to pique interest. Once opened, email contents quickly work on victims’ sense of duty, and suspicion takes a backseat.
Some common email topics that should set off an alarm bell:
Kudos if you recognize an email to be a scam—they’re often hard to spot. Yet even your eagle eyes and intuition may not be a match for the cybercriminal’s determination. At times, merely opening their fraudulent message launches malware or malicious attachments that infiltrate your system and steal valuable data. The threat holds true whether email is opened from a work-related or a personal account; if it’s within the company’s network, you could be putting mega amounts of sensitive data at risk.
The cautionary tales of companies who’ve fallen victim to W-2 phishing are sobering—there’s a lot to lose. Stolen PII is a hot commodity in underground markets, and one that doesn’t lose value. In fact, harvested data can be used to stage future attacks. And as IRS agent Phyllis explains, falling victim to a tax-related scam can result in dizzying real-world financial losses.
That’s a pretty brisk reality check. But enough bad news, how about a few solutions? We’ve got those too. Stay tuned to our various communication channels for ways to combat these smooth cyber operators.
These Terms & Conditions govern your use of this website; your use of this website indicates your acceptance of these Terms & Conditions in full.
Kindly note that the information and content provided on this website does not constitute professional advice. Although we do our best to keep everything on this site correct and up-to-date, we do not guarantee the completeness or accuracy of any information provided on this website. Improvements and/or changes in the products, services and/or programs described on this website may be made at any time without notice. We must also advise that hypertext links to other websites do not constitute an endorsement, nor do we guarantee any information provided by those sites.
While we do love when users share what they find on our website, it may be used or shared only for personal purposes. The information and content provided on this website is owned or licensed by Zinc, and should not be used or disseminated for any profit or gain.
While using this website, please be aware that no insurance coverages can be bound and no amendments, supplements, or modifications can be added to your policy, new or existing, unless and until you have received a written binder from us or your insurance company.
For users outside of the US: We make no claims that the content on this web site is appropriate or may be downloaded outside of the United States. If you access the site from outside the United States, you do so at your own risk and are responsible for compliance with the laws of your jurisdiction.
Even though we work hard to ensure the security and safety of our website and its users, we cannot and do not guarantee that this website will operate error-free, nor that this website and its server are without computer viruses or other harmful material. If your use of this website or material from it results in any costs or expenses, we will not be responsible for those costs or expenses. This website and its materials are provided without any warranties of any kind, to the fullest extent permitted by law.
Please bear in mind that we will not be liable for any losses or damages arising under these Terms & Conditions or in connection with this website, whether arising in tort, contract, or otherwise – including, without limitation, any loss of profit, contracts, business, goodwill, data, income, revenue or anticipated savings.
Finally, if for any reason any portion or provision of these Terms & Conditions is ruled to be unenforceable, that provision will be enforced to the maximum extent permissible so as to affect the intent of the Terms & Conditions, and the remainder of the Terms & Conditions will continue in full force and effect.
Thanks for getting in touch! You'll receive a confirmation email shortly.