IT Consultants' Insight on Business Technology | NSK Inc.

W-2 Phishing Scam Happening Through Emails

Posted by Steven Lai Fri, Mar 24, 2017

 Scam requests for W-2's

Numerous scams have been happening through emails. The scam consist of requests for W-2 information from individuals. The scam emails are designed to look like they was sent from a CEO or other excuitive member, asking for employees W-2 information.  The FBI and IRS have posted warnings about this criminal activity and have stated the volume of the scam emails have increased drastically. 

 

W2_phishing_hook_scam

Already Victimized

The scam emails have been spreading like wildfire and rapidly to the point where even cyber security companies are concerned for themselves and their employees. Some of thse security companies have already become victims.W2_scam_phising_hook_caught_a_victimAn example of one of these companies is Defense Point Security; a cyber security company who became a victim to fraudsters after one of their employees fell for the spear phishing attack. (Spear pishing is a online attack, aimed towards a specific individual or department of a organization). 

 

Eight_ways_to_prevent_email_Phising_scam

Ways To Prevent the Email Scams

  1. Let managers, IT and HR members know ASAP.
  2. File all of your taxes as quickly as possible. The fraudsters are making bogus claims before the April 15th deadline.
  3. File a 14039 form and request an IP pin from the government.  This is benefical because it allows the IRS to understand that you have been a victim of identity theft in the past. 
  4.  Identify the email addresses. There should be a group of your colleagues within your email server. If the email is not the same as your group of colleagues then that is a sign of a  fraudulent email.
  5. Do not display employees emails on the company's WEBSITE!
  6. There are many programs that secure your email. For instance KnowBe4’s Phish Alert application that your IT Service Provider should be using.
  7. Place a security freeze on your files with the three top credit bureaus to prevent ID thieves from accessing your credit. Without a security freeze, thievies can open up a line of credit with your name on it!
  8. Get a credit report frequently to analyze any suspicious activity in your name.

Sources: https://info.knowbe4.com/domain-spoof-test-chn

https://blog.knowbe4.com/scam-of-the-week-new-fbi-and-irs-alerts-against-w-2-phishing

https://www.knowbe4.com/spear-phishing/

 

 

 

Topics: Data Security, cybersecurity, email security, Phishing