Engagement Multiplier Award - Florida Business Innovation - Florida Business Insurance
Lanier Upshaw Receives Accredited Engaged Organization Award
March 16, 2017
Florida Workplace Wellness
6 Tips for Onboarding Your New Florida Employees
March 27, 2017

IRS Cautions Against W-2 Phishing Scams

Florida Business Insurance - Florida Personal Insurance

Numerous businesses became victims to the rise of phishing scams involving W-2 forms in 2016. The IRS warned consumers and businesses in an alert related to these schemes when they discovered that there was a 400% increase in phishing and malware attacks during 2016. As the tax filing season is well underway in 2017 the IRS has released an alert that these W-2 phishing schemes have not only had a major impact in the corporate world, but are gaining traction in other sectors such as school districts and non-profit entities.

While phishing scams can be difficult to plan for or predict, it’s important that HR and payroll departments are educated so they are able to prevent their organization falling victim to these types of schemes. Suitable training can help employees:

  • identify the most common types of phishing scams
  • what steps can be taken to prepare an effective response if an employee is targeted
  • how to ensure email information is confirmed as legitimate
  • what an employee should do if they are the intended target of a phishing scam
  • what organizational policies and procedures are in place regarding safeguarding personal information
  • understand why they should not download attachments or click on links from unknown email senders
  • identify affected former and current employees who may have sent W-2s to an attacker
  • understand the importance of preserving copies of the phishing email and response in the case there is an investigation by law enforcement
  • prepare messaging that can be sent to employees once an investigation offers accurate information that can be disseminated within the company,
  • have contact information for the FBI, IRS and state tax authorities in the case of an incident
  • understand the role of credit monitoring and identity theft resolution services and how to access them
  • engage legal counsel to determine notification requirements to individuals and regulatory agencies, whenever applicable.

It’s important that temp employees and contractors are informed as they have a higher chance of being targeted because they are newer and lack familiarity with the company. Each organization should appoint key internal individuals that have a high security clearance to be notified in the event an employee has potentially responded to a phishing email. Having an identified team in place prior to a phishing event can ensure that it will respond promptly and appropriately should an incident occur.

It’s clear that IRS W-2 phishing scams will continue to promulgate in 2017. Companies and other organizations need to provide their employees with appropriate information so they can recognize and prevent falling victim to phishing emails. And, in case an employee does fall prey, companies need to be prepared to respond in a coordinated and consistent way. If you or your business is concerned with phishing scams and cyber theft, contact the experts at Lanier Upshaw and learn how you can be protected.