The Internal Revenue Service (IRS) recently warned companies to be on the lookout for an email scam that uses a corporate officer’s name to request employees’ W-2s from company payroll or human resources departments.

Initially making its debut last year, this W-2 scam has cybercriminals tricking payroll and human resource officials into disclosing employee names, Social Security numbers (SSNs) and income information to later file fraudulent tax returns for refunds. With new notifications that the scam is making its way across the nation again, the IRS urges company payroll officials to double check any executive-level or unusual requests for lists of Forms W-2 or SSN.

This phishing variation is known as a “spoofing” e-mail. It will contain, for example, the actual name of the company chief executive officer. In this variation, the “CEO” sends an email to a company payroll office or human resource employee and requests a list of employees and information including SSNs.

The following are some of the details that may be contained in the emails:

  • Kindly send me the individual 2016 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.
  • Can you send me the updated list of employees with full details (Name, SSN, Date of Birth, Home Address, Salary).
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2016, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Don’t let your company and employees fall victim to this scam. Payroll and HR professionals should take precautionary measures by emailing the CEO to validate they have requested the information.

If you receive a suspicious phishing email such as the above, report it to the IRS by forwarding the email as-is to reportphishing@antiphishing.org. Please contact Doeren Mayhew’s tax advisors with any additional questions.