The government said 200 businesses, public schools, universities, Native American governments and nonprofits were victimized by these scams during this year's tax filing season, resulting in the theft of several hundred thousand employees' data. That's up from 50 in 2016, when the scam first appeared.
Cyberthieves perpetrate the scams by sending emails that appear to come from executives inside the targeted organizations. The emails ask payroll or human resources departments to reply with a list of all employees and their W-2 forms. Some emails also ask companies to transfer money to a specified bank account.
Companies should be on alert for anyone asking for employees' W-2 forms or for wire transfers of money.
The IRS has an email notification address specifically for businesses and organizations to report W-2 thefts: firstname.lastname@example.org. Be sure to include "W-2 scam" in the subject line. Businesses and organizations that receive a suspicious email but haven't been victimized should forward it to email@example.com, also with "W-2 scam" in the subject line. Anyone victimized should also contact the FBI's Internet Crime Complaint Center through its website, www.ic3.gov .
The IRS also has suggestions for avoiding being victimized: