Cyber criminals are using emails with forged return addresses to trick payroll and human resources workers into sending them employees’ personal information, officials warn.
Internal Revenue Service (IRS) officials say criminals often “phish” for employees’ W-2 forms and other personal records by using emails that look as if they come from the targeted company’s chief executive officer.
See also: Data security gurus to corporate lawyers: Get to know the FBI
In a typical phishing email, the “CEO” may ask a payroll office employee for a list of employees, and the employees’ Social Security numbers.
One email IRS investigators found asked the recipient to, “Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
In another email, a phisher wrote, “Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as of 2/2/2016.”
The criminals who succeed at getting the employees’ personal information can use it to capture the employees’ tax refunds, by filing fraudulent tax returns, officials say.
The IRS has detected a 400 percent increase in the total number of known incidents involving phishing and malicious software this tax season, officials say.