End-to-end cyber security services provided by unrivaled experts.Cyber Risk
The Internal Revenue Service recently issued an alert to warn of a new phishing email scheme specifically targeting human resources and payroll professionals and already hitting a number of companies nationwide. The scheme presents recipients with an email request that appears to be from internal executives asking for employees’ personal information. Failing to recognize the scheme, HR and payroll personnel respond and mistakenly release confidential employee and payroll data including Forms W-2 that contain Social Security numbers and other protected information sought by identity thieves. Scams around tax season are not new, but this version of a phishing scheme is proving particularly effective.
Kroll is actively working with companies to combat this scheme, helping organizations fulfill their regulatory data breach notification requirements, and further recommends the following steps for companies who may fall victim to this type of data theft.
Identity thieves often file fraudulent tax returns early in filing season. Usually, the victim is not made aware that the theft has taken place until they find that they cannot file their own legitimate tax return electronically because a return associated with their SSN was already received by the Internal Revenue Service. Additionally, they might receive correspondence by postal mail from the IRS stating that more than one tax return was filed, or they find collection actions were taken against them for a year they did not file a tax return.
Kroll recommends you offer services that go beyond simply monitoring credit. While credit monitoring is meaningful, it does not capture areas of compromise such as tax fraud, employment fraud and criminal impersonation. By offering noncredit monitoring, as well as direct access to investigators to help each employee handle fraud and identity theft issues, you will show your employees that your business is committed to giving them knowledgeable resources to avoid further consequences from the phishing scheme. The reassurance an impacted individual gains from personally speaking with a restoration expert, someone who can answer questions, advise on areas of concern or provide customized preventative action steps, is invaluable.
Should an investigator confirm that an employee’s identity has been stolen or compromised, they can promptly begin a restoration process. Restoration includes investigation of emergent and potentially complex trails of fraudulent activity, making phone calls, issuing fraud alerts, interacting with affected financial institutions and preparing appropriate documentation. The average person is often ill-equipped to handle an identity theft situation, so by providing access to expert guidance, you are going the extra step to fully support your employees in dealing with issues that resulted from the phishing scheme and any resulting breach.
This new phishing scheme represents a persistent trend Kroll continues to see. As the FBI recently warned, all types of phishing schemes have cost U.S. businesses more than $740 million between October 2013 and August 2015. Victim reports have almost tripled since January 2015. Kroll expects the unfortunate trend to continue, and urges companies to take proactive, preventative steps to protect the personal information they store, and recommends offering holistic, responsive solutions to help individuals recover from any resulting identity theft incidents.