Cyber criminals are using emails with forged return addresses to trick payroll and human resources workers into sending them employees’ personal information, officials warn.

Internal Revenue Service (IRS) officials say criminals often “phish” for employees’ W-2 forms and other personal records by using emails that look as if they come from the targeted company’s chief executive officer.

See also: Data security gurus to corporate lawyers: Get to know the FBI

In a typical phishing email, the “CEO” may ask a payroll office employee for a list of employees, and the employees’ Social Security numbers.

One email IRS investigators found asked the recipient to, “Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”

In another email, a phisher wrote, “Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as of 2/2/2016.”

The criminals who succeed at getting the employees’ personal information can use it to capture the employees’ tax refunds, by filing fraudulent tax returns, officials say.

The IRS has detected a 400 percent increase in the total number of known incidents involving phishing and malicious software this tax season, officials say.

The wave of phishing could affect insurance producers’ employee benefits clients.

The phishing attacks could also affect individual life and annuity clients, if clients’ employers share their personal information with the wrong people.

The IRS is asking employers, and any business that retains customers’ personal financial data, to use its cybersecurity guide for businesses, Safeguarding Taxpayer Data, as a source of ideas for improving data security efforts.

See also:

How to manage privacy and information security risk

Help your clients prevent tax identity theft

   

Are you following us on Facebook?