• Komodo Research

YOUR W-2 FORM IS WANTED FOR PHISHING


Traditionally, tax season opens at the end of January and wraps up with the famous Tax Day, when taxes are due. This is a very lucrative time for fraudsters. To fill in the tax statement, one is required to use the W-2 form. A W-2 is a U.S. federal tax form, issued by employers, that holds a wealth of personal financial information, including taxpayer IDs and how much an employee was paid during the year.


W-2 Fraud Sample

From: john.doe@company-dot-com
To: W2-dot-finance@company-dot-com
Subject: Treat as urgent
Date: Jan 1, 2017 12:00PM

Hi Tony,

Please send me the copies of all employees’ W-2 wage and tax statements for 2015 in order to complete a transaction. Please send them as a PDF attachment.

Regards,
John Doe

The email appears to be a completely legitimate request from a legitimate email address. In reality, however, it comes from somewhere entirely different and has the “Reply-To” field (typically hidden from the end user) set to an email address controlled by the criminal, for example fakePhisher@mail-dot-com. The email headers would show this.
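The header check described above, written out as an added example that is not part of the original article: Python's standard `email` module parses a raw message and compares the From domain with the Reply-To domain. The sample message, its placeholder addresses, the W-2 keyword list and the function names are all assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the message above; all addresses are placeholders.
SAMPLE = """\
From: John Doe <john.doe@company.example>
Reply-To: fakePhisher@mail.example
To: w2.finance@company.example
Subject: Treat as urgent

Hi Tony,
Please send me the copies of all employees' W-2 wage and tax statements.
"""

W2_TERMS = ("w-2", "w2", "wage and tax statement")  # assumed keyword list

def domain(header_value):
    """Lower-cased domain of an address header, or '' if missing/malformed."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def body_text(msg):
    """Concatenate the decoded text/plain parts of a message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def check_message(raw_message):
    """Flag a visible sender whose replies are routed to another domain."""
    msg = message_from_string(raw_message)
    from_dom, reply_dom = domain(msg.get("From")), domain(msg.get("Reply-To"))
    text = (msg.get("Subject", "") + "\n" + body_text(msg)).lower()
    result = {
        "from_domain": from_dom,
        "reply_to_domain": reply_dom,
        # No Reply-To header means replies go to From, so nothing to compare.
        "reply_to_mismatch": bool(reply_dom) and reply_dom != from_dom,
        "mentions_w2": any(term in text for term in W2_TERMS),
    }
    # Hold for manual review only when both signals are present.
    result["hold"] = result["reply_to_mismatch"] and result["mentions_w2"]
    return result

if __name__ == "__main__":
    print(check_message(SAMPLE))
```

Legitimate mailing lists and ticketing systems also set a Reply-To on another domain, so the mismatch is combined with the W-2 keyword match before a message is held.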

Once the criminal receives the reply email containing the stolen credentials, it is only a matter of hours until he will try to fill out fraudulent tax returns and cash out the money.


Recommendations:


Raise awareness about this threat among employees, especially those who handle the W-2 and other tax forms. Maintaining a high-alert mindset among an organization’s personnel is a difficult task. One good solution is to share relevant news about phishing scams such as this one and to show employees the connection between a high awareness of these scams and a lower response ratio to them.
