5 Tips for Businesses to Avoid W-2 Phishing Scams
It’s tax season once again, which means fraudsters are ramping up their efforts to dupe businesses into handing over the personal information of their employees via W-2 phishing scams. Around this time, fraudsters are known to use the phishing method to scam payroll and HR professionals who manage W-2 tax forms. Since the IRS is now accepting 2016 tax returns, it has been reported that there has been an increase in W-2 phishing emails. Smaller tech companies are usually the most vulnerable, since they are less likely to have formal policies and procedures in place for handling employee information.
Wilson Sonsini Goodrich & Rosati suggest these 5 tips that businesses can take in order to help their employees avoid W-2 phishing scams:
- Technical measures: make sure employees have the right software protection, such as email monitoring software, to block potential phishing emails from reaching their inbox.
- Inform: educate employees about potential scams and what they look like so they can avoid becoming a victim.
- Policies and procedures: implement administrative controls. If an employee receives a corporate email requesting personal information, transfer of funds, or confidential or sensitive information, ask them to obtain verbal confirmation from the sender before taking any further action.
- Training: raise awareness and educate. To help prevent scams, provide regular employee training about data security risks to keep them alert and aware.
- Email Safety: instruct employees to be cautious when clicking on links and opening files attached in emails from unknown senders, the file could be a malicious attachment.
Exercising caution when opening and responding to emails is critical to protecting personal information from identity theft and other scams. FTC has created a wide array of materials to help educate people about this growing issue. To learn more, visit the Federal Trade Commission website here.