Tax season in the US is just a few months away, and companies are already working on compiling and distributing the W-2 forms and other tax-related information to prepare for filing. As you may have guessed, the criminals are also thinking about tax season and working out ways to steal your identity, sensitive information, and hard-earned tax refunds.
If a W2 attack is successful, the victim may suffer multiple incidents of identity theft due to the data being sold to other criminals via the dark web.
Why the W-2 form?
The W-2 tax form is a responsibility of every employer engaged in a trade or business that pays for services performed by an employee, and nearly every employee in the United States receives one of these each year. These W-2 forms detail the employee’s name, address, Social Security Number, wages, tax deductions, and other personal information. Cybercriminals and tax scammers want this information so they can steal your identity, file fraudulent tax returns or sell it on dark web. With your W-2 in hand, these criminals can generate multiple streams of income from a single identity. There are details here if you’d like to learn more about W-2 forms.
Recent research found that personally identifiable information, or PII scams, represent approximately 12% of all email attacks studied for this Barracuda Threat Spotlight on Business Email Compromise (BEC). These scams are often directed at departments like Human Relations, Finance, and Payroll because they have access to tax information.
W-2 scams do not represent a large segment of email-borne threats but they are very effective, and the number of people reporting this attack continues to grow. Internal Revenue Service reports more than 200 employers were victimized in 2017, which translates into hundreds of thousands of employees who had their identities compromised.