|
Businesses warned of phishing scam |
|
February 9, 2017 |
Attorney General Lawrence Wasden is asking
Idahoans to be on the lookout for a particularly
dangerous phishing scam that could compromise
sensitive employee data.
The IRS notified the Attorney General’s Office
this week of a scam that’s targeting schools,
restaurants, hospitals, tribal groups and
others. A number of Idaho organizations have
been targeted by this threat.
“Cybercriminals continue to seek to plunder
confidential information from Idaho businesses
and employees,” Wasden said. “This is a
particularly nefarious scam and a reminder that
we should all remain vigilant when it comes to
protecting sensitive data.”
According to the IRS, the scam works like this:
Cybercriminals use various spoofing techniques
to disguise an email to make it appear as if it
is from an organization executive. The email is
sent to an employee in the payroll or human
resources departments, requesting a list of all
employees and their W-2 forms.
The cybercriminal then follows up with an
“executive” email to the payroll or comptroller
and asks that a wire transfer also be made to a
certain account. Although not tax related, the
wire transfer scam is being coupled with the W-2
scam email, and some companies have lost both
employees’ W-2s and thousands of dollars due to
wire transfers.
The scam is not new, but reappeared in the last
two weeks. Some organizations being targeted
were also subject to a similar scam last year.
Businesses and organizations are asked to alert
their payroll, finance and human resource
employees about this scam as soon as possible.
Those who don’t have internal policies for
releasing employee W-2s or conducting wire
transfers should consider creating them. |
|
Questions or comments about this
article?
Click here to e-mail! |
|
|
|
|
