Cofense Email Security

W-2 Fraud – Tax Season and All Year Long

It’s the time of year when taxes are on everyone’s mind – especially phishers!

The stress of filing. The stress of gathering all the documents. The stress of reporting. The stress of the deadline. All of that, on top of everything else you have to do this time of year, makes tax time a favorite and highly successful annual event for phishing scams. However, completing the filing doesn’t mean the campaigns will stop. W-2 and CEO fraud are timeless phishing campaigns that run all year long.

Whether aimed at individuals or businesses, tax-time phishing scams and W-2 fraud are in high season now. Some of the simplest arrive as CEO fraud-type requests with no link or payload to deliver, while others arrive as links to spoofed forms asking for data input.

The email below purports to come from the “CEO” of the customer company and was sent to the VP of Finance, who used PhishMe Reporter to send it to PhishMe Triage for further analysis.

 Image of email phishing campaign example

The example below is another form of the same attack.

 Image of Email Security incident response workflow

Phishing threat actors have enjoyed great success using W-2, BEC, and CEO fraud attacks, and we can expect that this trend has only begun. The risks associated with lost data, lost funds, and public disclosure following these successes are very real but not insurmountable and not preventable. Instead, organizations can leverage a holistic phishing defense strategy by doing a few things proven to stop attackers from succeeding.

  • Condition and empower the people in your organization to recognize and report phishing attempts.
  • Arm your information security professionals to quickly research and respond to threats with the most actionable threat intelligence and incident response platforms—whether in-house or through a service like PhishMe’s Managed Triage.

Stay clear of phishing threats – sign up for our complimentary PhishMe Threat Alerts, delivered straight into your inbox in real-time and at no cost to you.
