Skip to main content

As the 2020 individual income tax filing season approaches, business taxpayers should be alert for cybercriminals attempting to steal W-2 forms and other sensitive information through a phishing scam.

In a typical scenario, cybercriminals impersonate bosses within a company and send an email to payroll personnel asking for copies of all employee W-2 forms. The scammers do their homework about business’s organizational chart and all communications appear legitimate.

A W-2 form contains an employee’s name, address, Social Security number, income and withholdings. Cybercriminals use that information to file state income tax returns and steal refunds, or they post it for sale on the “Dark Web.”

“Business taxpayers need to be aware of this reoccurring scam,” said Deputy State Treasurer Glenn White, who oversees Treasury’s Tax Administration programs. “Please educate your employees about internal security processes for appropriately distributing sensitive information. As the income tax season approaches, cybercriminals will be out in full force to take advantage of taxpayers.”

The Internal Revenue Service reports the scam has affected all types of employers, from small and large businesses to public schools and universities, hospitals, tribal governments and charities. A common theme in this scam and other email scams is that the copy includes grammatical and spelling mistakes.