W-2 Season is Around the Corner

By Drew M. Smith

As the holidays draw near and a New Year dawns, a very important season will begin in earnest for many people. It’s time for the W-2’s to be sent out for tax purposes. These important documents are necessary to send to the IRS to get your refunds if you’re eligible for one.

What this means is that this is possibly the best time for your identity to be stolen. Hackers love the period between the beginning of the year and April 15th, the time taxes are due. This is because this is time where your personal data is most vulnerable as you use it to file your taxes. As a result, this is when hackers are most active.

The method they use is similar in almost all cases. A false e-mail is generated and sent to an employee asking for payroll or tax information. The email looks valid as it would come from a familiar source, possibly their CEO, another officer or their accountant. The unwary victim clicks on it and seeing it comes from a known source at the top sends the requested records. When employees go to file their taxes later, they find their tax returns were already filed and their refund was stolen. A 2017 post from the IRS stated:

  1. As of February 5th 2017, there were attacks involving 29 thousand victims, all of which involved W-2’s.
  2. The victims include among others 10 school systems, a restaurant in Indianapolis and several companies that deal with financial and medical data.

In 2016, the scammers were just targeting the W-2’s. This year, hackers have stepped up their game and demanded wire transfers from the unsuspecting victims.1

One example comes from a company that had long lasting consequences. An employee received an email from their CFO. They asked the victim to send the W-2’s so he could file the tax returns. The employee complied and sent approximately 200 of the company’s W-2’s to the fake address and went about their business. It was only when the employees filed their own taxes did it become apparent what happened. Scammers had filed fraudulent tax returns in their names.

This led to employees being unable to get their proper refunds and had to wait up to 18 months for their refund. When it was brought up to the IRS, they locked their accounts down and launched an investigation. When it was settled, the victims unfortunately received more bad news. The IRS had to deny their ability to electronically do their returns for the foreseeable future, forcing them to file manually for the next several years. Even though the matter was reported to the IRS, they still paid for the hacker’s exploits.

With the rise of hackers and the inevitable chaos of the tax season, it can be quite easy to make a mistake. To keep ahead of them, do not open any unknown emails. In addition, all files related to taxes should not be sent via a public e-mail. You also need to verbally confirm all details related to these requests as they would not normally be sent to employees. Save yourself the headache, don’t fall for these hacks.


Risk Management, Insurance Articles, Privacy/Network Security, Professional Liability

Recent Posts


See all