The IRS has alerted companies and human resources professionals to a new hacker scheme, in which an email that purports to be from company executives requests personal information on employees.
With hackers increasingly turning their attention to the reams of personal data, not to mention the cash, in the $5 trillion 401(k) market, it's a scheme retirement plan sponsors and administrators should also be on the watch for.
The scheme, unfortunately, has already seen some success, amid the surge in phishing e-mails so far this year.
Several companies have already fallen victim to emails that get payroll and human resources offices to mistakenly email payroll data, including Forms W-2 that contain Social Security numbers and other personally identifiable information, to cybercriminals posing as company executives.
This particular phishing scheme is characterized as “spoofing.”
The e-mail will typically contain the actual name of the company's chief executive officer and on the surface seems to come from the “CEO” to a company payroll office employee requesting a list of employees and information including SSNs.
According to the IRS, these e-mails will also contain some of the following statements, or variations on them:
“Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
“Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).”
“I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.”
“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data,” John Koskinen, the IRS commissioner, said in a statement.
Koskinen added, “Now the criminals are focusing their schemes on company payroll departments. If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”
BenefitsPro
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
- Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
*May exclude premium content© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
