The NASPP Blog

Tag Archives: phishing scheme

January 3, 2018

Be Suspicious

What would you do if you got an email from your CEO, asking you to provide a report of taxable income, including employee IDs—stat? A) Respond with the requested information as quickly as possible or B) be very suspicious?

As it turns out, you should be very suspicious.

Phishing Scheme Targets Payroll and HR

Most phishing schemes have little to do with stock compensation, but a scheme that the IRS has issued an alert on in the past hits a little close to home.  This scheme targets payroll and HR personnel. The scammer sends an email that purports to be from the company’s CEO or other executives and requests that the recipient provide employee data, including personal and W-2 information.

If successful in acquiring this information, the scammer then submits false tax returns (possibly with both state and federal tax authorities) and collects on any refunds due to employees.

According to the IRS, the email may include the following (or similar) requests:

  • Kindly send me the individual 2017 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review
  • Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as at 2/2/2017.
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2017, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Kindly?

It seems to me that the big giveaway here is the use of the word “kindly” in the above requests. What executive ever used that word when asking for a report ASAP?

Let’s Be Careful Out There

Payroll and HR aren’t that far removed from stock plan administration. Some of you probably wear both hats.  It’s always a good idea to verify any unusual requests from executives and to make sure that any personal data for employees, including compensation data, is transmitted in a secure manner, especially if that data includes employee identifiers, such as names and ID numbers.

You also might want to make sure your colleagues in payroll and HR are on alert for this scam. It’s more widespread than you think and it’s a mess to resolve; you don’t want it to happen to you or your fellow employees.

– Barbara

Update: Since I posted the blog, the IRS has announced that this phishing scheme has emerged as “one of the most dangerous phishing emails in the tax community.” Make sure your payroll team is aware of it. If your company has been victimized by this scheme, the IRS urges you to report it to them as soon as you become aware of it; see their press release for information on how to report it.

Tags: ,

March 22, 2016

Tax Phishing Scheme Targets Payroll, HR

What would you do if you got an email from your CEO, asking you to provide a report of taxable stock plan transactions, including employee IDs—stat? A) Respond with the requested information as quickly as possible or B) forward the email to your IT department for investigation?

As it turns out, B might be the correct answer.

Phishing Scheme Targets Payroll and HR

If you are on the IRS’s mailing list, you know that it’s once again that time of year when the IRS sends out alert after alert about tax phishing schemes.  Most have nothing to do with stock compensation, but a recent alert hits a little close to home.  A new tax phishing scheme targets payroll and HR personnel.  In a phishing scheme, a scammer masquerades as a representative of a legitimate business to trick people into giving out personal information that the scammer can use for illicit purposes.

This phishing scheme involves an email that purports to be from the company’s CEO or other executives and requests that the recipient provide employee data, including personal and W-2 information.

According to the IRS, the email may include the following (or similar) requests:

  • Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review
  • Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as at 2/2/2016.
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Kindly?

It seems to me that the big giveaway here is the use of the word “kindly” in the above requests. What executive ever used that word when asking for a report ASAP?

Let’s Be Careful Out There

While the schemes don’t yet seem to involve stock compensation, payroll and HR aren’t that far removed from stock plan administration. Some of my readers probably wear both hats.  It’s always a good idea to verify any unusual requests from executives and to make sure that any personal data for employees, including compensation data, is transmitted in a secure manner, especially if that data includes employee identifiers, such as names and ID numbers.

– Barbara

Tags: , , , , ,