Scam of the day – February 6, 2017 – IRS issues urgent alert about evolving W-2 scam

Income tax identity theft is a multi billion dollar problem that costs the government and, by extension,  we the taxpayers billions of dollars each year while tremendously inconveniencing the individual taxpayers whose identities are stolen as it generally takes the IRS months to fully investigate each instance of identity theft and send to the victimized taxpayer his or her legitimately owed tax refund.  Armed with a potential victim’s name and Social Security number, it is a simple matter for an income tax identity thief to file a phony return with a counterfeit W-2 to obtain a fraudulent income tax refund.

A year ago, when this scam first surfaced, I first warned you about identity thieves tricking companies into providing employee W-2s to them.  These stolen W-2s  contain all of the information the identity thieves need to file a fraudulent income tax return.  The scam works by sending phishing emails to HR and accounting departments within companies often posing as the CEO of the company or someone else in upper management requesting copies of all employee W-2s under various guises.  Other times, payroll management companies have been targeted using the same type of phishing emails.  In some instances, the phishing emails have been recognized as scams, but in other instances, companies have unwittingly handed over thousands of W-2s to clever identity thieves.

Now the IRS has issued an urgent alert indicating that the scam has evolved from merely targeting companies to school districts, non-profit organizations, restaurants, temporary staffing agencies and others.  In addition, the IRS is saying that the scammers are now combining this scam with the business email scam by which the employees receiving the email asking for W-2s to be sent are also asking the employees to wire money for various purposes.  According to IRS Commissioner John Koskinen, “Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars.”


All companies have got to do a better job of training employees to recognize phishing emails and installing anti-phishing software programs.  In addition, dual factor authentication should be used before transmitting sensitive data to make sure that the person to whom the material is being sent is really who they represent they are.  These same lessons that apply to companies also apply to all of us as individuals, as well.  Phishing is done to steal the identities and information of unwary individuals every day and the best way to protect yourself is to start with remembering my motto, “trust me, you can’t trust anyone.”  Never provide personal information to anyone who asks for it by phone, text message or email unless you have absolutely confirmed that the request is legitimate and the person or company requesting the information has a legitimate need for the information.  Never click on links or download attachments from emails or text messages unless you have confirmed they are legitimate because those links and attachments could contain keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft.  Finally, keep all of your electronic devices including your smartphone up to date with the latest security software patches.

Scam of the day – December 30, 2014 – Accountant wire transfer scam

The accountant wire transfer scam, which is a scam that has been with us for a long time appears, in recent months, to be occurring with even greater frequency.  The scam starts with the accounting firm receiving an email purporting to be from one of their clients instructing the accounting firm to wire funds to a vendor, which often may be out of the country, on behalf of the client.  The email generally indicates that this is an emergency and the funds must be transferred immediately and that the client is traveling and unavailable to speak by phone.  The email may appear to be legitimate and may indeed even come from the email address of the client, however, the accountant soon learns that the request for a wire transfer is phony and money transferred is lost and the accounting firm is on the hook for the funds it transferred to the scammer.


This kind of scam has a number of aspects that should arouse suspicion.  The emergency nature of the requested transfer coupled with the inability of the client to speak with the accountant by phone are definitely signs of a possible scam.  The amount being requested to be wired in these types of scams also generally does not match typical business expenditures authorized by the client.  In once case, an accounting firm wired $450,000 without confirming the legitimacy of the request.  It is important to remember that hacking into and taking control of someone’s email address so a communication may appear to be legitimate is a simple matter to a skilled scam artist.  They are not called scam artists for nothing.  Accounting firms and any fiduciary with access to the funds of a client should never transfer funds in response to an electronic communication without a confirming phone call to the client.