Have any questions? Just call us at 1.866.900.4236

Phishing Scheme Targeting Payroll and HR Professionals

  • Date: Mar 07, 2016
  • Author:
  • Comments: no comments
  • Categories: News

On Tuesday, March 1st The IRS issued a warning (IR-2016-34) related to an email phishing scheme targeting payroll and human resource professionals. This phishing scheme purports to be from a company executive and requests personal information on employees. The following are some details outlined in the IRS release:

  • Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.
  • Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.
Basically, this spoofed email will appear to be from the company's CEO and is being sent to payroll/HR requesting personal identifiable information {PII} (name, DOBs, social security numbers, etc.) in a PDF format.
Yesterday, we learned that hard drive manufacturer (or data storage giant) Seagate Technology was scammed in a similar fashion by giving the attackers W-2 of all current and past employees. E-mail scams are alive and well this time of the year targeting PII and tax information. Business owners, company executives, managers, payroll, and HR professionals must stay vigilant and develop an internal communication plan for discussing employee/personnel matters and personal information electronically. Email is not a secure communication and therefore should be avoided for sharing employee PII.

For professional tax services contact your Kemper CPA Tax Advisor at 866-900-4236
For computer security, forensics, and incident response services contact your Kemper Forensic Consultant at 866-900-4236


No Comments Yet.

Leave a Reply