Fraudsters are putting a new twist on imposter or business email compromise fraud. The fraud still starts out with a spoofed or compromised email address appearing to be from an executive, but instead of sending an email asking for a wire to be processed, the fraudster is asking for employees' W-2 documents. With tax season underway, the ultimate goal is to obtain information to commit tax refund fraud. There's also the chance that the data can be used for other types of fraud, identity theft, or worse, amended tax returns (1040X).
It isn't just about W-2 data - these scams can target anything that's of value to your company. The bottom line: Warn your employees that there is a new strain of imposter fraud requesting confidential information. It should be standard policy that a request for such data should be verbally verified.
Click here for more information about this new scam.
For more best practices, visit our Fraud Prevention Center.
This material, including without limitation to the statistical information herein, is provided for informational purposes only. The material is based in part on information from third-party sources that we believe to be reliable, but which have not been independently verified by us and for this reason we do not represent that the information is accurate or complete. The information should not be viewed as tax, investment, legal or other advice nor is it to be relied on in making an investment or other decision. You should obtain relevant and specific professional advice before making any investment decision. Nothing relating to the material should be construed as a solicitation, offer or recommendation to acquire or dispose of any investment or to engage in any other transaction.
Krebs on Security is not affiliated with Silicon Valley Bank or any of its affiliates.