The tax season is a stressful time of year for businesses, but now hackers are targeting this period in order to steal employee data and funds.

Using a social engineering approach, hackers are able to trick businesses into relinquishing highly sensitive information and, in particular, W-2 details such as individual employees’ wages and salary. And with this form of social engineering becoming more and more active, it’s affecting an increasing number of businesses.

Seeing as every business has to deal with their taxes in a responsible manner, this is an area of hacking which needs to be closely guarded against; this need for security is even more necessary as it can affect individual employees. Therefore, we’re going to take a closer look at this increasing threat.

Tax Season Hacking

290x195cybercrime99Tax fraud has, traditionally, been a form of hacking reserved for only the most advanced hackers, but with the rise of relatively simple social engineering methods, this hacking technique has steadily become more accessible.  Many smaller businesses are now being targeted and these can include non-profit organizations, restaurants and schools.

And with tax themed spam traps increasing by over 6000% between December 2016 to February 2017, it’s a highly worrying time of year and businesses need to be on their guard. What form, though, do these attacks take?

Well, there are a number of attack methods and these are:

  • Processed Tax Refund – Spam emails which claim to originate from the IRS have been appearing in email inboxes and advise that they are due a tax refund which has now been processed. All the recipient needs to do is open an attachment to get started, but this attachment actually contains infected macros which can give hackers remote access to your PC.
  • W-8BEN Phishing Scam – the W-8BEN form is used by Non-US citizens to clarify their tax exemption details and involves passport and personal information. As this type of data is highly sensitive and valuable, hackers are now targeting this information by sending emails purporting to be from the IRS and requesting copies of the recipients’ completed W-8BEN form and scans of their passport.
  • W2 Data Theft – Due to the valuable data contained in W2 forms (wages, taxes etc), many cybercriminals are targeting these. Copies are sent to businesses for all their employees, so hackers are actively trying to breach network security to procure these forms and any associated tax databases in order to sell this information on the dark web.

Combatting Cyber Tax Crime


The most important factor to bear in mind with this form of cybercrime is that the IRS will NEVER email you to request personal information. Although this seems like common sense, many people are tricked by this approach and willingly give out information when they’re promised tax refunds. The main things to look out for and consider with these types of scam are:

  • Emails with poor grammar and spelling – Government agencies tend to have their emails thoroughly proofread before being sent out to the general public en masse.
  • Dubious links – Although links contained within phishing emails may appear genuine, if you hover your mouse cursor over these links then the true destination of the link will be revealed; if this address is different to the one written in the email then it’s highly likely this is a dangerous link.
  • Common sense – If you’ve already filed your tax reforms and aren’t expecting a tax refund then you should be highly suspicious of any emails regarding these issues.

For more ways to secure and optimize your business technology, contact your local IT professionals.

365 View