If you have been to any of my talks and/or read many of my posts, you know that I have been preaching heavily about W2 scams this time of year. Scammers are hitting up folks with spear phishing attacks asking for W2’s. these look legit and appear to be coming from a person high up in the food chain. I have seen this personally and only the training my people had, and my open door policy, saved our bacon.
This is what just happened in Argyle, Texas:
“District leaders said Wednesday an employee got a “phishing” email that appeared to be from the district superintendent.
That email asked for the 2016 W-2 information for all employees of the district. The employee complied with the email, attaching and emailing all W-2 information.”
I have spoken with FBI Special Agents that tell me that they have seen tax returns filed within 2-3 days from an event like this. Don’t be that guy/gal that let’s all of your employees lose their PII like this. Teach your people about the threat ASAP!
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the US Army 2nd Regional Cyber Center-Western Hemisphere.