Skip to main content


Business taxpayers should be extra alert for cybercriminals attempting to steal W-2 forms and other sensitive information through a phishing scam.

In a typical scenario, cybercriminals impersonate persons of authority within a company and send an email to payroll personnel asking for copies of all employee W-2 forms. The scammers do their homework about an entity’s organizational chart and all communications appear legitimate.

A W-2 form contains an employee’s name, address, Social Security number, income and withholdings. Cybercriminals use that information to file fraudulent tax returns, or they post it for sale on the “Dark Web.”

“Businesses need to be aware of this scam,” said Deputy State Treasurer Glenn White, head of Treasury’s Tax Administration Group. “Make time today to educate your employees about internal security processes for appropriately distributing sensitive information. With state income tax filing season rapidly approaching, cybercriminals will be out in full force to take advantage of taxpayers.”

The Internal Revenue Service reports the scam has affected all types of employers, from small and large businesses to public schools and universities, hospitals, tribal governments and charities.

The W-2 phishing scam has gained momentum nationwide over the last two tax years. The IRS reports more than 200 employers were victimized nationwide in 2017, affecting hundreds of thousands of employees who had their identities compromised.

Business taxpayers who receive this type of email are asked to report the encounter to  To learn more about identity theft, go to