New Imposter Fraud Scam: Request for W-2 data

Fraudsters are putting a new twist on imposter or business email compromise fraud. The fraud still starts out with a spoofed or compromised email address appearing to be from an executive, but instead of sending an email asking for a wire to be processed, the fraudster is asking for employees' W-2 documents. With tax season underway, the ultimate goal is to obtain information to commit tax refund fraud. There's also the chance that the data can be used for other types of fraud, identity theft, or worse, amended tax returns (1040X).

It isn't just about W-2 data - these scams can target anything that's of value to your company. The bottom line: Warn your employees that there is a new strain of imposter fraud requesting confidential information. It should be standard policy that a request for such data should be verbally verified.

Click here for more information about this new scam. 

For more best practices, visit our Fraud Prevention Center.

©SVB Financial Group. All rights reserved. Silicon Valley Bank is a member of the FDIC and of the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB). SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license.

This material is provided for informational purposes only. The conclusions expressed are based upon limited information available to Silicon Valley Bank regarding your company's fraud detection and prevention programs, and should not be seen as a substitute for obtaining your own independent assessment of such programs. The security of your operating system and your procedures for conducting banking transactions with us remains your responsibility. Silicon Valley Bank is not responsible for any cost, claim or loss associated with your use of this material.   

Krebs on Security is not affiliated with Silicon Valley Bank or any of its affiliates.

About the Author

Debi Kutaka is the Senior Fraud Risk Manager on SVB’s Financial Crimes Risk Management team. She is responsible for managing fraud risk and enhancing fraud prevention awareness. In her role, she is focused on  minimizing monetary losses and financial crime for the bank and its  customers through fraud risk analysis, fraud prevention education and client implementation of fraud prevention tools to enhance client security.

With SVB since 2005, her experience includes extensive knowledge of global fraud trends, implementing enhancements of controls, policies and  procedures, assisting business units with efforts to adhere to fraud risk  management best practices and conducting investigations on behalf of our clients.

Debi earned a B.S. in Marketing from San Jose State University and has more than 16 years of banking experience.