ST. PAUL, Minn. (KMSP) - Minnesota IT Services is warning state employees, especially those with access to personal financial information, to be wary of phishing schemes looking for W-2 information during this tax season.
The IRS is reporting a surge in such cases, from just more than 100 in 206 to 900 in 2017.
“They can pretend to be a tax official or a law enforcement official, sometime or sometimes a co-worker inside the organization,” said Aaron Call, Chief Information Security Officer for the State of Minnesota. “The most common means is to invite a user, a citizen, an employee to log into a tax system, something purporting to be a tax system that's actually set up by the attacker.”
Call said Minnesota IT Services or MNIT tries to stop the emails from even reaching state employee inboxes, but that's not always enough.
“In a really busy time, busy tax season for some of these employees, some of these might slip through and so it's not a complete solution, so we're always looking for better ways, better tools means for preventing some of these things from happening,” Call said.
The state has posted signs throughout state government buildings outlining the scheme and how employees can protect sensitive information.
It's not just the state that’s a target. Last year, an employee in the Bloomington Public Schools took the bait from a hacker and forwarded the W-2 forms for all 2,000 employees in the district. Companies as varied as Snapchat and local law firms have also fallen victim. The hackers look to sell the info on the black market or file fake tax returns and collect refunds.
“Even though targeting a business may net you a lot of W-2s, they still target individuals as well; individuals need to be on the lookout,” Call said.
The IRS is encouraging people who encounter these types of phishing emails, but haven’t fallen victim to the scheme, to contact them at email@example.com and use "W-2 scam" in the subject line. Employers who have fallen victim to the scheme are asked to contact firstname.lastname@example.org and use "W-2 data loss" as the subject line.