W2 Phishing Scams—A New Twist on CEO Fraud
If you’ve kept up on phishing scams, then you’ve undoubtedly heard of CEO fraud—an email scheme where cyber-criminals impersonate the boss, requesting a wire transfer or personal information about employees.
Attackers love CEO spoofing emails for one simple reason—it’s easy. There’s no malware to write, no malicious links to imbed, and no major risk of getting caught. Anyone with access to an email account can easily masquerade as a CEO and target unsuspecting employees.
Because this latest scam is so simple (and so lucrative), email spoofing fraud has skyrocketed. And if that wasn’t bad enough, there’s also a new twist on CEO email wire fraud and it’s spreading like wildfire—W-2 phishing.
What are W2-Phishing Scams?
Tax season is like Christmas for cyber-criminals. The bad guys pose as a CEO or another executive member and send off emails asking for employees’ tax information. Once they receive it, fraudsters will file false income tax returns to get refunds. Next, they’ll use personal information to take out loans and generate credits cards, resulting in serious financial loses.
When attackers get what they are after, it’s almost impossible to catch them. Cyber-criminals aren’t dumb. They’ll use whatever laundering methods imaginable to cover their tracks, taking your money and your identity with them.
W-2 Phishing Scams on the Rise
W-2 phishing scams aren’t going anywhere, anytime soon. In fact, cyber-criminals have cast an even wider net in 2017. Email schemes have netted plenty of victims, including school districts, healthcare organizations, restaurants chains, and nonprofits.
How to Prevent Phishing Scams
Phishing scams are a major cause for concern, with email attacks quickly on the rise. As the losses continue to mount, businesses have their hands full trying to stop the financial carnage—but it’s not an easy battle to win.
One method is to train employees to protect sensitive data from getting into the wrong hands. For starters, you should use patches, updates, and security software, as well as set up two factor authentication. Also, think twice before clicking on attachments or downloading files from emails you are not expecting to receive. And remember, if you get a request from your CEO asking for employee information, chances are it’s a phishing scam.
If you are serious about email fraud, you’ll need the help of an IT managed service provider. They know all the ins and outs of cyber-security, helping to close the doors on phishing scams.
For peace of mind from email fraud, contact us today!