Sign up to our newsletter
Less than a month after it “renewed a consumer alert” for phishing scams, the Internal Revenue Service (IRS) in the US has delivered another warning aimed this time at payroll and human resources professionals.
It said that it has identified an “emerging phishing email scheme” that claims to be from business executives. The fraudsters behind the campaign ask for personal information belonging to workers, targeting those in payroll departments and HR.
Unfortunately, the scam has managed to dupe a number of professionals into emailing back the requested information. Included in the fake email are the following requests:
“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data,” said John Koskinen, commissioner of the IRS.
“If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”
News of this comes on the back of a similar scam at Snapchat. The company said that one of its employees had fallen victim to the hoax, resulting in cybercriminals obtaining payroll information belonging to some of its employees.
“Snapchat’s payroll department was targeted by an isolated email phishing scam in which a scammer impersonated our chief executive officer and asked for employee payroll information,” it explained on its blog.
“Payroll information about some current and former employees was disclosed externally. To be perfectly clear though: None of our internal systems were breached, and no user information was accessed.”
Author Narinder Purba, We Live Security