Protect Your Personal Information This Tax Season

As tax season looms, it is important to keep in mind the increased threat of particular cyber-attacks and schemes. Be on the lookout for cyber criminals employing sophisticated social engineering tactics to trick businesses into providing their employees’ W-2 information in order to file fraudulent tax returns in their names.

We strongly recommend that you take the time to review cyber-safety policies and procedures with your employees in order to safeguard your business. Be sure to include the following:

• Emphasize a “Think Before You Click” policy – Encourage your employees to double-check for suspicious email content before following any embedded links or downloading any attachments.
• Educate employees about the marks of a typical phishing email – W-2 phishing emails often appear to be sent from a high-level executive and generally ask for tax information to be emailed or uploaded.
• Encourage the practice of seeking verbal confirmation – Urge your employees to confirm email asking for sensitive data in person or via phone call in order to verify the authenticity of the requests.

Taking the time to make sure your employees are aware of the critical roles they play in protecting your organization’s data can go a long way in preventing you from falling victim to cyber-crime.

If you receive a suspect email but do not fall victim to the scam, forward the email to phishing@irs.gov; in the event of a W-2 theft, be sure to report the loss to dataloss@irs.gov.