If you have been to any of my talks and/or read many of my posts, you know that I have been preaching heavily about W2 scams this time of year. Scammers are hitting up folks with spear phishing attacks asking for W2’s. these look legit and appear to be coming from a person high up in the food chain. I have seen this personally and only the training my people had, and my open door policy, saved our bacon.
This is what just happened in Argyle, Texas:
“District leaders said Wednesday an employee got a “phishing” email that appeared to be from the district superintendent.
That email asked for the 2016 W-2 information for all employees of the district. The employee complied with the email, attaching and emailing all W-2 information.”
I have spoken with FBI Special Agents that tell me that they have seen tax returns filed within 2-3 days from an event like this. Don’t be that guy/gal that let’s all of your employees lose their PII like this. Teach your people about the threat ASAP!
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec