The IRS is warning payroll and HR professionals about a phishing scheme that is resulting in employee data (W-2 forms, social security numbers and other personally identifiable information) being released to cybercriminals. In a warning issued earlier this week, the IRS describes the scheme in which scammers “spoof” company executives and request personal information on employees. Click here to read the IRS warning which contains detailed information about the emails and the phishing scheme.
Unfortunately, many employers are falling victim to this scheme. These attacks underscore what our Privacy and Data Security attorneys saw last year around this time: employee data is quickly becoming a favorite target for hackers and scammers. Even employers that have shored up other aspects of their cyber security profile may still be subject to these forms of attacks, because traditionally, less focus has been placed on HR from a cyber standpoint.
This is a perfect time to take an internal assessment, under privilege, of what policies a company has in place and how those policies are implemented, so as to reduce the likelihood of this type of loss.
Attorney Advertising. Prior results do not guarantee a similar outcome. This publication is provided as a service to clients and friends of Harter Secrest & Emery LLP. It is intended for general information purposes only and should not be considered as legal advice. The contents are neither an exhaustive discussion nor do they purport to cover all developments in the area. The reader should consult with legal counsel to determine how applicable laws relate to specific situations. ©2016 Harter Secrest & Emery LLP