Fraudsters are putting a new twist on imposter or business email compromise fraud. The fraud still starts out with a spoofed or compromised email address appearing to be from an executive, but instead of sending an email asking for a wire to be processed, the fraudster is asking for employees' W-2 documents. With tax season underway, the ultimate goal is to obtain information to commit tax refund fraud. There's also the chance that the data can be used for other types of fraud, identity theft, or worse, amended tax returns (1040X).
It isn't just about W-2 data - these scams can target anything that's of value to your company. The bottom line: Warn your employees that there is a new strain of imposter fraud requesting confidential information. It should be standard policy that a request for such data should be verbally verified.
Click here for more information about this new scam.
For more best practices, visit our Fraud Prevention Center.
Krebs on Security is not affiliated with Silicon Valley Bank or any of its affiliates.