A Digital Defense Against W-2 Theft

A Digital Defense Against W-2 Theft

The FBI gives basic steps to mitigate the threat of W-2 theft.

  • By Sydny Shepard
  • Mar 08, 2018

It is "prime time," about a month before April's tax filing deadline, for cybercriminals and scam artists looking to cash in on your personal tax information. The FBI has recently issued an updated warning for businesses and employees to be on the watch for W-2 theft.

If a cybercriminal gets ahold of your W-2, he or she has the ability to file your tax return, and get your refund, before you do. There is also a great deal of personally identifiable information, including your Social Security Number, that could lead to numerous other problems for a victim.

The FBI says the most common way a scam artist could get your W-2 information is through a phishing scheme. The hacker, pretending to be an executive at the company, sends an email to the HR department and asks for employee's personal information or their W-2's, perhaps for tax or audit purposes. In some cases, hackers have been able to cause a massive data dump affecting thousands of employees.

So, how can you strengthen your company to ensure this doesn't happen and the data of your employees is protected? The FBI's Internet Crime Complaint Center has put together some basic steps that businesses can take to mitigate the threat:

  • Limit the number of people who have access to employees' person information and W-2's.
  • Set up two-factor verification system to confirm the request and receipt of such sensitive information.
  • Establish protocols for sensitive information requests ahead of time and outside the email environment.
  • Ensure that you secure sensitive PII and W-2 information with encryption.
  • Establish and maintain robust and strong security for your data, including firewalls, virus protection and spam filters.

"Businesses that have suffered a data breach involving tax information should immediately report that breach to the IRS and your state tax agency," the FBI said. "The IRS also wants to hear from you if you received a W-2 phishing e-mail but did not fall victim to the scam."

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • 5 Tips to Improve Your Password Security

    Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now

  • Enhancing Port Security

    DP World Yarimca, one of the largest container terminals of the Gulf of İzmit and Turkey, is a strong proponent of using industry-leading technology to deliver unrivaled value to its customers and partners. As the port is growing, DP World Yarimca needs to continue to provide uninterrupted operations and a high level of security.To address these challenges, DP World Yarimca has embraced innovative technological products, including FLIR's comprehensive portfolio of security monitoring solutions. Read Now

  • Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

    In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now

  • Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

    Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now

Most   Popular

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.