An email phishing scam is spreading to school districts and nonprofits.
A couple months before tax season, the Internal Revenue Service has seen a marked increase in phishing scams designed to steal information that could help criminals file fraudulent tax returns.
In this scheme, criminals create a spoofed email, which appears to be from an executive within an organization, to a payroll manager asking for a list of employees and their W-2 forms. Once they receive a response, they're able to use that information to file the tax returns, the IRS warned.
It's "one of the most dangerous email phishing scams we’ve seen in a long time," IRS Commissioner John Koskinen said in a statement.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
The scam, which first surfaced last year, used to target businesses, but it's now expanding to schools, tribal casinos, health care groups and temporary staffing agencies, the IRS notice said.
In some cases, the cyber criminals combine the W-2 phishing email with a request for a wire transfer that recipient completes, so some targets lose sensitive employee information and thousands of dollars.
If they suspect they're victims of the scam, employers should report the W-2 thefts to the IRS, so the agency can identify fraudulent returns, the notice said. If employees receive a message they think is a scam, they should send it to firstname.lastname@example.org with "W2 scam" in the subject line. Victim organizations should also file a complaint with the Internet Crime Complaint Center.
IRS also advised against using search engines to find help with tax forms, because "tech support" links can sometimes be fraudulent; the notice emphasized "software 'tech support' will not call users randomly. This is a scam."
If they need help, individuals filing taxes should search instead for paid tax professionals to avoid any online scams.