- February 26, 2019
- Posted by: Andy Scheu
- Category: Human Resources
Identify Phishing Emails
The IRS has issued a warning about an increase in phishing email scams directed at payroll and HR personnel. The scams generally involve employee W2’s, direct deposit information, or wire transfers. If successful, these scams can cost your company and your employees thousands of dollars. Here is a description of each scam, and how to identify them.
W2 Scam: The email will impersonate a company executive and request copies of employee W2’s, or a report that details employee social security numbers, home address, and salary information. Once the scammer has this information they will be able to file fraudulent tax returns and collect those employees’ tax returns.
Direct Deposit Scam: The email will impersonate a real company employee, often an executive, and request that their direct deposit information be changed for payroll purposes. The bank account information that they provide will be for an account controlled by the scammer, and once payroll is processed, they will receive the impersonated employee’s wages.
Wire Transfer Scam: The email will impersonate a company executive and is sent to the company representative in charge of wire transfers. The email will request that a wire transfer is made to an account that is controlled by the scammer.
Other scams include fake invoices, gift card requests, and title escrow payments. Here is an example of a phishing email one of our employees, Teresa, received from someone impersonating me, Andy Scheu.
How to Avoid Becoming a Victim
Wrong Email: Teresa noticed that the sender’s email address was different from my actual email address (firstname.lastname@example.org).
Follow Up: Teresa contacted me personally to verify whether or not I had sent the email, and learned that I had not.
Don’t Click: Teresa knows never to click on links or attachments sent by unknown email addresses.
Time & Pay employees take the necessary precautions to make sure that we avoid falling victim to phishing emails, and we hope we can help you do the same.