Extreme Caution Advised for Businesses and Not-for-Profits – IRS Issues High Alert for Mass Data Theft

Reading Time: 3 minutes


How to Be Vigilant Against W-2 Phishing Scams and Requesting Tax Sensitive Information and Wire Transfer Requests

With the rapid influx of W-2 phishing scam reports, the Internal Revenue Service (IRS) and state tax agencies have issued a serious threat alert applicable to all businesses and organizations.

Both corporate and not-for-profit entities are at risk, and as such are being advised to be vigilant and guarded against the recent uptick in W-2 scammers who are stealing employee information, as well as implementing wire transfer schemes.

“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,’’ said IRS Commissioner John Koskinen.

Employers are advised to report W-2 thefts immediately to the IRS so that they can effectively protect employees from identity theft.

There are a number of safeguards being utilized by the Security Summit (a partnership between the IRS, state security agencies and the tax industry) that can identify fraudulent returns filed through scams.

How the W-2 Scam Works:

Business email spoofing techniques, where criminals send emails appearing to be from an executive’s email address within that organization, are sent to employees in payroll or human resources departments. The cybercriminals, posing as the executives, request employee lists as well as their W-2 Forms.

Safeguarding Your Organization:

All employees should be informed and on high alert for the W-2 scam. The Security Summit is seeing a surge of this scam activity, affecting corporations and organizations more broadly, and in some cases, repeatedly.

Organizations should also be careful with emails appearing to be from executives – specifically to payroll or comptrollers – requesting a wire transfer to an account. This additional request has often accompanied the W-2 scam email and has resulted in thousands of dollars lost.

To proactively avert being victimized, organizations should share this alert with payroll, human resources and finance employees. You should also consider setting up an internal verification system for W-2 and wire transfer requests to safeguard against these scams.

Reporting the W-2 Scam

  • Employers: If your organization receives a W-2 scam email, immediately forward it to phishing@irs.gov with a subject line that says “W2 Scam.” Should you receive, or fall victim to, a scam email, file a complaint with the FBI’s Internet Crime Complaint Center (IC3).
  • Employees: If an individual’s Forms W-2 have been stolen, each affected employee should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft.

They will need to file a Form 14039, Identity Theft Affidavit, if the employee’s own tax return rejects due to a duplicate Social Security number or per IRS instructions.

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.


Join 14,000+ business executives and decision makers

Upcoming Events

Latest Insights

About The Author