Our colleagues Mark McCreary and Kevin Dermody have published an excellent article entitled “Don’t Get Caught in ‘Phishing Season’” on their Privacy Compliance & Data Security blog. Their article warns of the very real dangers that tax season brings to companies, which are increasingly being targeted by “phishing” or “spear phishing” cyberattack scams. The goal of such scams is to steal employees’ Form W-2 information during tax season. This data (which includes employee names, addresses, and Social Security numbers) can then be used by criminals to commit identity theft.
Every year the Internal Revenue Service compiles its “Dirty Dozen” list of common scams that taxpayers may encounter during the annual tax filing season. For 2017, “phishing” schemes topped the “Dirty Dozen” list.