ThinkstockPhotos-465512675 (2)ALERT, ALERT!!!! The IRS has renewed a consumer alert for e-mail schemes regarding phishing and malware incidents targeted at individuals. That renewal came after an approximate 400 percent surge in such incidents so far this tax season. The 400 percent surge was not the end of the phishing schemes this tax season, and now a phishing scheme is emerging to target payroll and HR.

The IRS has also issued a second alert to warn about additional scams this tax season which are designed to trick HR and payroll professionals to provide personal information on employees. Unlike prior scams, the e-mails are no longer just designed to trick taxpayers into thinking the IRS is attempting to contact them for personal information. This latest phishing scheme is a variation known as a “spoofing” e-mail crafted to look as though it came from within the company being targeted – e.g., company executives.

A common example described in the most recent alert indicates that the e-mail will use the actual name of the company chief executive officer so that the email appears to be from the “CEO” to a company payroll office employee. The “CEO” will ask that the employee provide a variety of personal information for “review”. Some of the reported requests include:

  • Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.
  • Can you send me the updated list of employees with full details (name, social security number, date of birth, home address, salary) as at 2/2/2016?
  • I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me ASAP.

IRS Criminal Investigation is already reviewing several cases in which people have been tricked into sharing SSNs with what turned out to be cybercriminals.

Payroll and HR professionals need to be vigilant this tax season, because now those phishing hope to lure you into providing them with sensitive employee information. When in doubt, politely verify the request before forwarding sensitive information, including W-2s, filing status and PIN information.