By ASIS From “Cyberthieves’ Latest Target: Your Tax Forms”
Wall Street Journal (04/04/16) Sidel, Robin
A new email scam is putting vast amounts of individuals’ tax information in the wrong hands. The perpetrator, impersonating a company’s high-ranking executive from a phony email address that appears legitimate, fools staffers in the payroll or human resources departments into forwarding W-2 forms or other tax information. Thousands of workers have already fallen victim to the scam, which has hit smaller companies to companies as big as Weight Watchers. According to experts, this data is being sold in underground markets to criminals who use the data to file fraudulent tax returns and collect refunds. These thefts can often include Social Security numbers, which are difficult to retain once compromised. The attack has the potential to wreak havoc on a victim for years. Tax officials say thieves are targeting companies of all sizes; at least 50 have already reported that they were victims. The reason the scam is so effective is because it is so simple and low-tech. When preying upon the right type of victim, it becomes very simple to extract the desired information. It also shows that hackers are becoming more aware of who exactly they are targeting. According to experts, the scam has proven that hackers focus on specific employees who have valuable information rather than hacking into a network in a blind search for data.