Insights: Article

Dangerous W-2 Phishing Scam Evolving: Targets Include Hospitals

By   Anders Erickson

January 02, 2017

A dangerous email phishing scam could affect your hospital.

Cyber criminals are using spoofing techniques to disguise an email, making it appear like it's coming from an executive within the organization so that the recipient (usually in the payroll or HR department) feels compelled to respond. The cyber criminal asks for a list of employees and their W-2s. They intend to use this information to fake a tax return and fraudulently collect an employee's refund before the employee files themselves. Cyber criminals may also be asking to wire money, and continue to evolve their scams.

The IRS issued an alert in February to all employers to beware of the emerging phishing email scheme. It's spreading to many industries, including health care, school districts, tribal casinos, chain restaurants, temporary staffing agencies, and shipping and freight.

If you believe that your organization has been a victim of these types of scams, you can:

  • Report the W-2 thefts to the IRS immediately so that they can begin to help protect the employees from tax-related identity theft. Forward to phishing@irs.gov and place "W2 Scam" in the subject line.
  • File a complaint with the Internet Crime Complaint Center (IC3,) operated by the Federal Bureau of Investigation.


If you are an employee whose W-2 has been stolen:

  • You should review the recommended actions by the Federal Trade Commission atwww.identitytheft.gov or the IRS at www.irs.gov/identitytheft.
  • File a Form 14039, Identity Theft Affidavit, if your tax return gets rejected because of a duplicate Social Security number and/or if instructed to do so by the IRS.


If your organization has avoided scams so far, there are measures to take to prevent future attacks. You can:

  • Consult cyber security experts about how to establish a culture of security at your organization.
  • Enact policies and procedures safeguarding the handling of W-2s during tax season.
  • Encourage your employees to be safe online and avoid scam sites fronting as tax return eService sites.


Questions?
For more information about cyber security, please contact your Eide Bailly representative or Eide Bailly's Cyber Security Leader Anders Erickson at 208.383.4731 or aerickson@eidebailly.com.

Latest Insights

May 25, 2018
Article
While revenue recognition implementation guidance under FASB is still being finalized, a significant portion of health care industry information is now available.
May 25, 2018
Article
Did your U.S. business have direct or indirect ownership or control by a foreign person or enterprise at any time during 2017? If yes, you need to read on.
May 24, 2018
Article
Do you owe tax in Alabama, Connecticut, Indiana or Texas? If so, you should consider participating in an available amnesty program.
May 21, 2018
Firm News
Today, accounting firm Brad Rhodes and Associates of Greenwood Village, Colo.
May 21, 2018
Article
The mission of the organization may sing to your heart strings, but sometimes the nicest people who appear to live for the mission create unimaginable havoc, and you can’t turn a blind eye.
May 21, 2018
Article
Whether it be accidentally or on purpose we have all deleted a file.