Santa Monica Lookout
B e s t   l o c a l   s o u r c e   f o r   n e w s   a n d   i n f o r m a t i o n

IRS Warns of Payroll Email Scheme
Santa Monica Real Estate Company, Roque and Mark
Roque & Mark Real Estate
2802 Santa Monica Boulevard
Santa Monica, CA 90404
(310)828-7525 - roque-mark.com


Harding Larmore Kutcher & Kozal, LLP  law firm
Harding, Larmore
Kutcher & Kozal, LLP


Convention and Visitors Bureau Santa Monica

By Jorge Casuso

March 29, 2016 -- Cybercriminals posing as company executives are seeking to obtain payroll data in what is an "emerging phishing email scheme" that has claimed five victims in the LA area, IRS officials said Monday.

The criminals will typically request W-2 Forms that contain Social Security numbers and "other personally identifiable information" from company payroll and human resources offices, said federal officials, who issued an alert during a press conference at FBI headquarters in Westwood..

“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data," IRS Commissioner John Koskinen said in a statement. "Now the criminals are focusing their schemes on company payroll departments.

"If your CEO appears to be emailing you for a list of company employees, check it out before you respond," Koskinen said. "Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”

The cybercriminals will trick their victims into thinking their email is from a company executive by changing one character in the executive's email address or obtaining the actual email by hacking into the system, said Special Agent Andrew Lee, a spokesman for the IRS regional office.

The cybercriminals, Lee told The Lookout, "will determine how an executive corresponds. Sometimes there's an urgency. I need to go into a meeting, and I need this information right now," he said.

Some of the details contained in the e-mails include the following:

Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.

Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as of 2/2/2016.

I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

The criminals will then use the stolen information to engage in illegal schemes, including filing fraudulent tax returns for refunds, authorities said.

Since February, federal authorities have investigated cyberattacks at 11 companies in the western states, but there are probably hundreds of companies that have been targeted in the scheme, Lee said, saying that several of the attacks under investigation took place on the Westside.

"Companies need to come forward and let us know" if they have been targeted, he said.

IRS agents have seen a 400 percent hike in phishing and malware incidents and other reports of scams so far this tax season, officials said.

"The emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies," officials said.

"The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information."

Those who suspect they have been targeted in a W-2 phishing scheme should immediately report the incident to their local IRS Criminal Investigation office. Those in the Los Angeles area can call (213) 576-3232.


Back to Lookout News copyrightCopyright 1999-2016 surfsantamonica.com. All Rights Reserved. EMAIL Disclosures