Criminals Now Target School Districts and SMBs to Commit W-2 Tax Fraud

With the tax season in full effect, cybercirminals are once again trying to take advantage of unsuspecting consumers and enterprises. A new type of W-2 fraud has been discovered, which is now going well beyond the traditional business sector. Colleges and SMBs are prime targets for this type of W-2 fraud as well, by the look of things.

W-2 Tax Fraud is Picking Up In Intensity

Over the past few years, there have been multiple incidents involving W-2 tax fraud. For the longest time, cybercriminals only targeted major enterprises with these schemes, and they have been quite successful in doing so. However, it appears this tax season will see an increase in industry related fraud moving forward, as criminals are targeting SMBs and public institutions as well.

It has to be said, the list of recent companies affected by tax fraud is growing at an alarming rate. Cybercirminals are targeting school districts, nonprofits, and small businesses alike. Do not be mistaken in thinking they are no longer going after large corporations anymore, though, as they still remain very profitable targets. After all, there is no reason to fix what isn’t broken, even in the world of online crime.

One thing working in favor of cybercriminals is how W-2 fraud can become a very lucrative phishing scheme without too much effort. Moreover, the residual fallout of such attacks can take weeks, if not months, before they materialize. Assailants will impersonate company officials to obtain specific tax information or even copies of employee W-2 forms. Once this information is obtained, criminals can commit crimes, including filing fraudulent tax returns.

It is evident none of these efforts would be successful without targets willingly giving up this sensitive information in the first place. No one with legitimate intentions should ever ask for W-2 information or forms, not even from their employees. To be more precise, this information should never be asked for via email. While we live in an era where digitization has become the new norm, sensitive information needs to be treated with the utmost care and respect. Otherwise, phishing schemes like these will continue to wreak havoc.

The IRS has issued several warnings regarding malicious actors asking for W-2 information. Unfortunately, it appears these warnings have fallen on deaf ears so far. Now that school districts and SMBs are being targeted by W-2 fraud schemes as well, things will get out of hand rather quickly. It also appears this phishing scheme has gained even more success in the corporate sector this year, which is not positive by any means.

Addressing W-2 fraud is of the utmost importance, yet it appears most institutions struggle with doing so. Taking the necessary precautions is the first step, starting with the IT team coming up with ways to prevent these types of phishing attacks in the first place. Notifying HR and accounting departments can go a long way in thwarting these attacks as well. If email servers are properly configured to block spoofed emails, the number of W-2 fraud phishing attacks could decrease by as much as 80%.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.