The IRS Tells Employers How to Report W-2 Scams

The IRS Tells Employers How to Report W-2 Scams

The IRS is explaining, in a recent release, what employers should do if they become the victim of a W-2 scam.

Background Information

Any employer could become the target of a W-2 scam. In recent years, these scams have become one of the more dangerous e-mail crimes involving tax administration. The e-mails appear to be from an executive or organization leader to a payroll or human resources employee. It may start with a simple, “Hey, you in today?” and then asks for tax and personal information about employees. By the end of the exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals. This puts workers at risk for tax-related identity theft.

Because payroll officials believe they are corresponding with a company executive, it may take weeks for someone to realize a data theft has occurred. Generally, the criminals are trying to quickly take advantage of the theft. In some cases, they file fraudulent tax returns within a day or two to steal tax refunds. This scam is such a threat to taxpayers that a special IRS reporting process has been established. 

The IRS is advising employers who are the victims of this scheme to report it as follows:

  • E-mail dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the e-mail can be properly routed. Don’t attach any information about employees’ personally identifiable data.
  • E-mail the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
  • A business/payroll service provider should file a complaint with the FBI’s Internet Crime Complaint Center (IC3.gov). A business/payroll service provider may be asked to file a report with their local law enforcement agency.
  • Notify employees so they can take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.gov provides guidance on general steps employees should take.
  • Forward the scam e-mail to phishing@irs.gov.

The IRS is also encouraging employers to put steps and protocols in place for the sharing of sensitive employee information such as Forms W-2. One example would be to have two people review any distribution of sensitive W-2 data or wire transfers. Another example would be to require a verbal confirmation before e-mailing W-2 data. Employers also are urged to educate their payroll or human resources departments about these scams.

Subscribe Our Newsletter

[gravityform id="4" title="false" description="false" ajax="true" ]

Search

Categories

Categories

Unlock the potential of your business

Latest Posts

Related resources

Lorem Ipsum is simply dummy text.

White paper

Lorem Ipsum is simply dummy text.

guides

Lorem Ipsum is simply dummy text.

Related post

Lorem Ipsum is simply dummy text.

Article

About the CJ Group

The CJ Group is an accounting and advisory firm specializing in tax, audit, and business accounting services such as payroll, bookkeeping, and controller services. The CJ Group also provides specialist niche services in benefit plan audits. The firm services small to middle-market companies in a wide range of industries, including manufacturing and distribution, metals, professional services, healthcare, auto dealerships, real estate, hospitality, technology, labor unions and HUD-Assisted Housing.

The CJ Group is an Independent member firm of BKR International with firms in principal cities worldwide. The CJ Group, Cornwell Jackson, the CJ Group logo, and the Cornwell Jackson logo are registered trademarks of Cornwell Jackson, PLLC.

Corporate Contact:

For more information, visit

Follow us on

Unlock the potential of
your business

Let’s Connect

Location

6801 Gaylord Pkwy, Suite 302 Frisco, TX 75034