The IRS is warning employers to be aware of a new development in a W-2 phishing scam that combines employee data theft with bogus wire transfers.

The W-2 phishing scam – in which fake emails request details of all employees and their Forms W-2 – first appeared during last year´s tax season. Its objective is to collect data that will assist criminals in committing identity theft and filing fake tax returns.

Due to a greater awareness of the W-2 phishing scam within the corporate world – and more safeguards being introduced to identify phishing emails – the IRS reports that many attempts to scam large-scale employers have been unsuccessful. However, criminals are now targeting other sectors such as school districts, tribal organizations and nonprofits.

The new development the IRS wants employers to share with HR and Finance professionals is that cybercriminals are following up their W-2 phishing scam with a further email requesting a wire transfer to a certain account. Some companies have lost thousands of dollars in addition to disclosing their employees´ tax details as a result of this scam.

How to Report a W-2 Phishing Scam

In order to protect themselves against data theft and financial loss, the IRS is urging all employers to create an internal policy on the distribution of employee W-2 information and conducting wire transfers. Employers are also being asked to forward emails identified as W-2-related scams to phishing@irs.gov with “W2 Scam” as the subject of the forwarded email.

In the event that a W-2 phishing scam is successful, the IRS wants employers to report the theft immediately to the Internet Crime Complaint Center, while employees whose identity may have been stolen (usually apparent when a tax return is rejected because of a duplicated Social Security number) should review the actions recommended by the Federal Trade Commission at www.identitytheft.gov.

IRS Commissioner John Koskinen described the W-2 phishing scam as one of the most dangerous scams he had seen in a long time. He said: “It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme.”