The IRS and the State Department of Revenue are announcing a scam that has recently expanded from corporate targets to targets in the non-profit and education fields.
The scam is an email phishing scheme where cyber-criminals disguise an email so that it looks like it’s coming from an executive in the organization, and it’s sent to the payroll or HR departments, requesting W-2 forms from everyone in the organization. When that’s done, the criminals have personal information that they can use to commit crimes. In a twist, there is sometimes a follow-up fake “executive” email to the organization’s payroll or comptroller staff, asking to wire-transfer to a certain account.
The scam first appeared last year, and has expanded to schools, chain restaurants, temporary staffing agencies, healthcare and shipping and freight companies.
Both the IRS and the PA Department of Revenue say that employers victimized by this scam should report the W-2 thefts to them, and organizations that receive one of the fake emails should forward it to both organizations. For the PA Department of Revenue, email to RA-RVPITFRAUD@pa.gov and to email the IRS, send to phishing@irs.gov.
Employees who believe their W-2 information stolen should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or through the IRS at www.IRS.gov/identitytheft.
