
Networking Intelligence

CEO Fraud and W-2 Phishing Threaten Tax Season Cybersecurity

Tax season is here. In addition to the usual headaches, there is also cyber fraud to worry about; specifically, W-2 phishing and CEO fraud.


Last year, these scams were aimed mostly at for-profit organizations. This year, they’ve expanded their reach to school districts, government organizations, nonprofit organizations and even tribal organizations.

No sector is immune. Taxpayer privacy and tax refunds are both at risk.  

How Cyber Tax Fraud is Perpetrated

This year’s cyber tax fraud scams typically target someone in HR or payroll with a phishing email that appears to be from a higher level executive, requesting information on employees’ W-2 forms and earnings summaries.

Once an unsuspecting employee sends the “CEO” this data, the attacker has all of the information needed to file fraudulent tax returns, including employees’ Social Security numbers and home addresses. In addition to pocketing the tax refund money, some fraudsters will also sell these illegally obtained W-2 forms, which can go for $4 to $20 apiece on the black market.

The scam doesn’t always end here. Using CEO fraud, some perpetrators may also send an email to an executive with high access privileges requesting a wire fund transfer to get a payout from the organization itself.

Cyber Tax Fraud Risks

Employees of companies that fall victim to these scams have the privacy of their personal information compromised. In January, for example, the W-2 forms of 4,000 employees at an Indiana-based restaurant chain were compromised in a cyber tax fraud scheme. This kind of exposure can lead to a number of problems such as tax filing difficulties — in addition to the cost and stress of dealing with identity theft.

Organizations may end up sending thousands of dollars (or more) to hackers unwittingly. They also suffer serious damage to their reputation. Protecting your organization from these scams needs to be a priority. It involves:

  1. Identifying high-risk users from HR, accounting, IT and all C-level executives and subjecting them to security measures — such as controls that make it more difficult to transfer funds. Advise them to avoid making sensitive information publicly available on social media.
  2. Educating users on password management best practices, recognizing signs of fraud and how not to fall for phishing scams.
  3. Implementing security technology to reinforce control of your network environment and protect data from threats that break through. Good measures include email filtering and multi-factor authentication. Automated passwords and user ID policy enforcement are other good common-sense security measures. Reinforce these measures with layers of technology including firewalls, intrusion prevention/detection systems, antivirus and anti-malware tools, and endpoint protection solutions, among others.
  4. Reviewing security policies to ensure they clearly communicate guidelines and penalties for opening links and attachments from unknown sources and using USB drives on office computers.
  5. Cyber risk planning. Cybersecurity isn’t just an IT issue but something all high-level executives need to understand and model. You should have incident response plans in place to ensure everyone knows how to respond in worst-case scenarios.
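
As an illustration of the email filtering mentioned in step 3, the sketch below flags a message that pairs an executive's display name with an outside sender or reply address and a request for W-2 or wire-transfer data. It is an added example, not code from the original post; the domain, executive names, keyword list and sample messages are assumptions constructed for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration only: domain, roster and keywords are hypothetical.
ORG_DOMAIN = "example.org"
EXECUTIVES = {"pat rivera", "sam okafor"}
SENSITIVE = re.compile(r"\bw-?2s?\b|earnings summar(?:y|ies)|wire transfer", re.I)

# Constructed sample messages (not real mail).
SPOOFED = (
    "From: Pat Rivera <pat.rivera@example.net>\n"
    "To: payroll@example.org\n"
    "Subject: Urgent: W-2 forms\n\n"
    "Please send me all employee W-2s and earnings summaries today.\n"
)
LEGIT = (
    "From: Pat Rivera <pat.rivera@example.org>\n"
    "To: payroll@example.org\n"
    "Subject: Lunch on Friday\n\nAre we still on?\n"
)


def _domain(header_value):
    """Return the lowercased domain of an address header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()


def score_message(raw):
    """List the reasons a message resembles CEO fraud or W-2 phishing."""
    msg = message_from_string(raw)
    display = parseaddr(msg.get("From", ""))[0].strip().lower()
    is_exec = display in EXECUTIVES
    reasons = []
    if is_exec and _domain(msg.get("From")) != ORG_DOMAIN:
        reasons.append("executive display name on external sender domain")
    reply_to = _domain(msg.get("Reply-To"))
    if is_exec and reply_to and reply_to != ORG_DOMAIN:
        reasons.append("replies routed to external domain")
    body = "" if msg.is_multipart() else msg.get_payload()
    if SENSITIVE.search(f"{msg.get('Subject', '')}\n{body}"):
        reasons.append("requests W-2, earnings or wire-transfer data")
    return reasons


def should_quarantine(raw):
    """Hold for review when a sender anomaly coincides with a sensitive request."""
    reasons = score_message(raw)
    sensitive = any(r.startswith("requests") for r in reasons)
    return sensitive and len(reasons) >= 2
```

A request sent from a compromised internal mailbox passes these header checks, which is why filtering is listed alongside multi-factor authentication and user education rather than in place of them.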

Read more about protecting your employees’ privacy (and how to keep themselves safe) >>

If you want protection from W-2 phishing and CEO fraud but aren’t sure where to begin, take advantage of Fortinet’s free online cyber threat assessment. It’s a first step to identifying your most valuable assets, where they are and your most urgent vulnerabilities.

A partner of Fortinet, Resilient Intelligent Networks can help you analyze the results of a cyber threat assessment and use them to develop a cybersecurity strategy to protect you from cyber fraud this tax season and after. Contact us.

To get your FREE cyber-threat assessment and learn more >>


