Here's How Criminals Could Thieve Your Tax Return

91
Source:   —  April 07, 2016, at 1:56 AM

Assuming the email was legitimate, the worker sent W-2 information — including the names, addresses, two thousand fifteen income details, Social Security numbers and Individual Tax Identification Numbers of an undisclosed no of employees — to what turned out to be a grouping of cybercriminals.

Here's How Criminals Could Thieve Your Tax Return

On March twenty-two an employee at software company Pivotal Labs received an email purporting to be from CEO Rob Mee, asking for personal information about employees. Assuming the email was legitimate, the worker sent W-2 information — including the names, addresses, two thousand fifteen income details, Social Security numbers and Individual Tax Identification Numbers of an undisclosed no of employees — to what turned out to be a grouping of cybercriminals.

The company reported the breach to authorities, opened an investigation and is offering employees identity protection services, according to a notice it shared with employees. The incident was first reported by SC Magazine. (Pivotal Labs didn't immediately return a request for comment.)

The incident highlights a growing scam involving phishing attacks, where criminals utilize stolen W-2 information to impersonate taxpayers and thieve their returns.

"These scams are active right now, particularly at tax season," said Rodney Joffe, senior vice president at Neustar. "And while there have been some mentioned in the press, there are thousands of companies, tiny and large, being targeted each and every day."

Other recent victims made public comprise data storage company Seagate and start-up Snapchat. Seagate inadvertently exposed the tax data of thousands of workers when an employee shared two thousand fifteen W-2 tax form information for current and former U. S.-based employees in response to a phishing email. SnapChat apologized to workers after its payroll dept shared information about some current and former employees in response to an email impersonating CEO Evan Spiegel.

Both companies are investigating, cooperating with authorities and offering employees identity protection services.

The surge in phishing email W-2 scams this year prompted the Internal Income Service to issue a warning to payroll and human resources professionals on March one.

"This is a new twist on an elderly scheme using the cover of the tax season and W-2 filings to attempt tricking people into sharing personal data," said IRS Commissioner John Koskinen. "If your CEO appears to be emailing you for a list of company employees, check it out before you respond."

The Federal Bureau of Investigation also issued a warning about the rise in schemes targeting businesses, financial officers and individuals on March twenty-nine. The W-2 scam is a seasonal variation of what's known as the business email compromise scam (BEC) or "CEO fraud."

Law enforcement has received BEC complaints from victims in every U. S. state and in more than seventy-nine countries, though the vast majority of victims are in the U. S. From October two thousand thirteen through February two thousand sixteen, law enforcement received reports from 17.642 victims, adding up to more than $2.3 billion in losses. Since January two thousand fifteen, the FBI has seen a two hundred seventy % expand in identified victims and exposed loss.

"These scammers only have to be successful a very tiny percentage of the time for it to be lucrative," said Joffe. "And $2.3 billion is a grand motivator for new gangs to obtain into the business, so it'll grow for that reason as well."

The criminal organizations behind the attacks surf the web from what see love Internet cafes, frequently in Nigeria, said Joffe. They research targets online to construct a profile of the company, its corporate structure and the other entities with which it does business. Often, they register a domain that looks similar to the target company, for example, replacing a "W" with a double "VV," adding an additional "ii" into a word or utilize a slightly different domain name, for example, ending in ". co" instead of ". com."

They then send emails from addresses that see nearly indistinguishable from legitimate email accounts within the company.

The attacker will then send an email to a senior executive that looks as if it's coming from another senior executive asking for proprietary information. The criminals will solicit money or other information that they can sell.

"The most malicious email attacks are number longer pleas for funds from a purported Nigerian prince," said Patrick Peterson, CEO of cybersecurity company Agari. "Instead, the cybercriminals of today are sophisticated shape shifters who get the form of your most trusted colleagues — your CEO, CFO or longtime business partner."

For example, they might send an email to the CFO asking for money to be wired to a foreign bank account. Latest year, a finance executive at toy maker Mattel wired more than $3 million to a bank in Wenzhou, China, only to discover out that the company had been the victim of scammers. The company was unusually lucky in that it was able to retrieve its money with the assistance of international authorities.

Alternatively, a gang might target an executive in research and development with a well-crafted email that looks love it comes from another executive asking them to share critical information. One method thieves utilize to stunt people into revealing such information is in the guise of an imminent merger and acquisition deal which requires the executive to divulge detailed competitive information that's normally kept private.

If an employee questions the request, they may obtain an email moments later which appears to forward an email from the CEO verifying the request. They then proceed, satisfied they've vetted the request, and entirely unaware they've exposed the firm to cybercriminals. Two minutes after they complete the transaction, they might get an email seemingly cc'ing the "CEO" thanking them for their cooperation.

There are a large no of cybersecurity companies offering products that aim to identify phishing emails and obstruct them from ever reaching the employee. Agari uses data analytics and machine learning to construct "trust models" that reflect the behavioral pattern of legitimate domains to assistance customers to identify and obstruct phishing attacks. The company counts six of the top ten banks and five of the world'south leading social media networks as customers.

But despite all the security products on the market, the genuine solution lies in raising awareness, said many experts. Cybersecurity firm PhishMe offers a product that teaches employees how to identify and reply to phishing attacks. It counts more than two hundred of the Fortune five hundred companies as customers.

"We took a different approach," said PhishMe CEO Rohyt Belani. "It'south a human that falls prey, that's victimized by this, and let'south work on making the human more resilient."

"People wish silver bullets," said Belani. "Unfortunately, that'south never going to be the case."

READ ALSO
U. S. companies utilize social media to condemn laws seen as anti-gay

U. S. companies utilize social media to condemn laws seen as anti-gay

S. companies took to social media on Wednesday to condemn new laws enacted by southern states that target the lesbian, gay, bisexual and transgender (LGBT) community.

57
James Baldwin's French Quarters Face Demolition

James Baldwin's French Quarters Face Demolition

While so many are condemning the possibility, Steven G. Fullwood, associate curator for the Schomburg Middle for Research in Black Culture, believes the demolition of what was once the beloved abode of Baldwin won't erase the wealthy heritage the author-activist...

102
Spike Lee Talks Black Voters, Brooklyn with Bernie Sanders

Spike Lee Talks Black Voters, Brooklyn with Bernie Sanders

Bernie Sanders sat down with one of the biggest names to hail from his hometown of Brooklyn, legendary film director Spike Lee. Lee is one of Sanders' most energetic and high-profile celebrity supporters in the Huge Apple, and with the fate of the Democratic...

71
Republicans proposal bill to obstruct potential Iran dollar utilize

Republicans proposal bill to obstruct potential Iran dollar utilize

S. senators who oppose the nuclear agreement with Iran introduced a bill on Wednesday that'd hold Iran from gaining even indirect access to the U.

70