Dangerous W-2 Phishing Scam Evolving: Targets Include Hospitals

By Anders Erickson

January 02, 2017

A dangerous email phishing scam could affect your hospital.

Cyber criminals are using spoofing techniques to disguise an email so that it appears to come from an executive within the organization, making the recipient (usually in the payroll or HR department) feel compelled to respond. The cyber criminal asks for a list of employees and their W-2s, intending to use this information to file a fake tax return and fraudulently collect an employee's refund before the employee files. Cyber criminals may also ask for money to be wired, and they continue to evolve their scams.

The IRS issued an alert in February to all employers to beware of the emerging phishing email scheme. It's spreading to many industries, including health care, school districts, tribal casinos, chain restaurants, temporary staffing agencies, and shipping and freight.

If you believe that your organization has been a victim of these types of scams, you can:

  • Report the W-2 thefts to the IRS immediately so that they can begin to help protect the employees from tax-related identity theft. Forward to phishing@irs.gov and place "W2 Scam" in the subject line.
  • File a complaint with the Internet Crime Complaint Center (IC3), operated by the Federal Bureau of Investigation.


If you are an employee whose W-2 has been stolen:

  • You should review the recommended actions by the Federal Trade Commission at www.identitytheft.gov or the IRS at www.irs.gov/identitytheft.
  • File a Form 14039, Identity Theft Affidavit, if your tax return gets rejected because of a duplicate Social Security number and/or if instructed to do so by the IRS.


If your organization has avoided scams so far, there are measures to take to prevent future attacks. You can:

  • Consult cybersecurity experts about how to establish a culture of security at your organization.
  • Enact policies and procedures safeguarding the handling of W-2s during tax season.
  • Encourage your employees to be safe online and avoid scam sites fronting as tax return eService sites.
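
As an added illustration (not part of the original article or any Eide Bailly tooling), the sketch below shows how a mail filter could flag the pattern described above: an executive's name on the sender line, a sender or reply address outside the organization, and a request for W-2s or a wire transfer. The domain, executive names and sample messages are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

ORG_DOMAIN = "hospital.example"            # assumed: your organization's mail domain
EXECUTIVES = {"pat morgan", "jordan lee"}  # assumed: names attackers may impersonate
REQUEST = re.compile(r"\bw-?2s?\b|\bwire\b", re.IGNORECASE)

def _domain(header):
    """Lower-cased domain of the address in a header, or '' if absent."""
    return parseaddr(str(header or ""))[1].rpartition("@")[2].lower()

def w2_phish_findings(raw):
    """Return the reasons a raw RFC 5322 message resembles the W-2 scam."""
    msg = message_from_string(raw, policy=policy.default)
    display = " ".join(parseaddr(str(msg["From"] or ""))[0].lower().split())
    from_dom, reply_dom = _domain(msg["From"]), _domain(msg["Reply-To"])
    findings = []
    # Executive's name shown, but the address is not on the organization's domain.
    if display in EXECUTIVES and from_dom != ORG_DOMAIN:
        findings.append("executive display name on external sender")
    # Forged From header: replies are quietly routed to a different domain.
    if reply_dom and reply_dom != from_dom:
        findings.append("Reply-To domain differs from From domain")
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    if REQUEST.search(f"{msg['Subject'] or ''} {body}"):
        findings.append("requests W-2 data or a wire transfer")
    return findings

# Constructed sample messages (not real traffic).
SPOOFED = ('From: "Pat Morgan" <pat.morgan@hospital.example>\n'
           "Reply-To: ceo.office@freemail.example\n"
           "To: payroll@hospital.example\nSubject: Urgent request\n\n"
           "Please send me the W-2s for all employees today.\n")
LOOKALIKE = ('From: "Pat Morgan" <pat.morgan.ceo@freemail.example>\n'
             "To: payroll@hospital.example\nSubject: Payment\n\n"
             "Please wire $18,500 to the vendor account before noon.\n")
LEGITIMATE = ('From: "Pat Morgan" <pat.morgan@hospital.example>\n'
              "To: payroll@hospital.example\nSubject: Staff meeting\n\n"
              "The agenda for Thursday is attached.\n")

if __name__ == "__main__":
    for name, raw in [("spoofed", SPOOFED), ("lookalike", LOOKALIKE),
                      ("legitimate", LEGITIMATE)]:
        print(name, w2_phish_findings(raw))
```

A message with any finding is best held for out-of-band confirmation with the named executive before payroll or HR responds.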


Questions?
For more information about cybersecurity, please contact your Eide Bailly representative or Eide Bailly's Cybersecurity Leader Anders Erickson at 208.383.4731 or aerickson@eidebailly.com.
