CyberWisdom Safe Harbor Commentary:
You may be familiar with CEO fraud – e-mail scams, where attackers mock the boss and trick employees into distribution funds. Fraudsters now act as chief executives, instead of requiring wire transfers, they require a copy of all employees W-2 form. Once they have mastered the forms, they will sell the forms or submit fraudulent tax returns on the Dark Web site.
Anglers have become bolder in recent years pursuing a wider range of organizations and employees. According to the IRS Return Integrity Compliance Services, the number of W-2 phishing emails reported increased 870% from 2016 to 2017. According to all accounts, there is no sign that this deception will slow in 2018. Information Security and Human Resources Teamwork is Critical Together to develop continuous and constructive phishing assessments and training. With both teams training online, employees will become an active defensive layer for identifying and reporting suspicious emails. In addition, reminding all employees on a regular basis, email is not a secure way to transfer sensitive information and is the key to ensuring that everyone is protected.
It is just as important to warn employees about the threats they face outside the office. The IRS impostor’s fraudulent calls are also expected to increase this tax season. These scam artists often manipulate Caller ID to make it look like the phone is legal. Once one of these fraudsters contacts, they will either request an immediate payment, or they will claim that the victim is eligible for a refund, and sensitive personal information must be verified and therefore leaked.
In addition to the negative financial impact, if personal information is exposed, it can significantly increase the chances of identity theft. Those who leak personal information may take hundreds of hours to resolve and restore their good name. For employers, this means that their employees may take a long time to work, seriously affecting productivity.
In today’s digital world, this is not an issue if it is your goal of criminal gain. In 2017, data breaches were 45% more than in 2016, putting hundreds of millions of individuals and households at risk of identity theft. CISOs, welfare and human resource managers must work together to provide the team with the best security, tools, and training.
For IT and cybersecurity professionals, you know that tax season is breach season. The first three months of the year is when your employees are most likely to be targeted by cybercriminals to compromise sensitive information and file fraudulent tax returns. There are several ways that these fraudsters infiltrate company systems, but the most common is through blending CEO fraud with W-2 phishing scams. You are probably familiar with CEO fraud – email scams where the attacker imitates the boss and tricks an employee into wiring funds. Fraudsters are now impersonating the CEO and, rather than requesting a wire transfer, they ask for a copy of all employee W-2 forms. Once they have these forms in hand they’ll sell them on the Dark Web or file fraudulent tax returns. Phishers have gotten bolder in recent years, going after a wider range of both organizations and employees. According to the IRS Return Integrity Compliance Services, reports of W-2 phishing emails increased 870 percent from 2016 to 2017. Engaging post, Read More…
thumbnail courtesy of scmagazine.com
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post »